Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring Switch Authentication Features (Rev. 03)
User Privileges Configuration
© 2008 Foundry Networks, Inc.
Page 10 of 70
password
The password assigned to the user. A character string without blank
spaces.
PASSWORD
Character string without blank spaces, specifying the password. It is
recommended to use a string up to 64 characters.
CONFIRM-PASSWORD
User will have to retype the password for confirmation.
group
(Optional). Sets the privilege group for the user.
administrators
Assigns the user group
Administrators
privilege, with full read/write
privilege for Layer 2 and Layer 3 without restrictions.
net-admins
Assigns the user group
Net-admins
privilege, with read/write privilege
for Layer 2 and Layer 3 without access to security settings, software
upgrade, debug settings, reload and File System.
technicians
Assigns the user group
Technicians
privilege, with read/write privilege
for Layer 2 and read-only privilege for Layer 3.
users
Assigns the user group
Users
privilege, with read-only privilege for
Layer 2 and Layer 3.
guests
Assigns the user group
Guests
privilege, with read-only privilege in non-
privileged node.
Setting the Login Authentication
The
aaa authentication
login default
command, in Global Configuration mode, specifies the
default login authentication method. The
no
form of this command disables authentication – except
for the login password.
Use the command with the
radius
keyword to specify RADIUS as the login authentication method,
with the
keyword to specify as the login authentication method or with the
local
keyword for using the local database.
Command Syntax
device-name
(config)#
aaa authentication login default
[
radius
|
radius
|
local
|
radius
|
local local
]
device-name
(config)#
no aaa authentication login default
Argument Description
radius
(Optional). Sets authentication as primary method and
RADIUS Authentication as secondary.
radius
(Optional). Sets RADIUS authentication as primary method and
authentication as secondary.
local
(Optional). Sets authentication as primary method and local
authentication as secondary method.
radius local
(Optional). Sets RADIUS authentication as primary method and local
authentication as secondary method.