3-70
To do…
Use the command…
Remarks
Specify the scheme
authentication mode
authentication-mode
scheme
Required
Whether local, RADIUS, or
HWTACACS authentication is
adopted depends on the configured
AAA scheme.
By default, the modem login
authentication mode of the device is
password.
Enable command
authorization
command authorization
Optional
z
By default, command
authorization is not enabled.
z
By default, command level for a
login user depends on the user
privilege level. The user is
authorized the command with the
default level not higher than the
user privilege level. With the
command authorization
configured, the command level
for a login user is determined by
both the user privilege level and
AAA authorization. If a user
executes a command of the
corresponding command level,
the authorization server checks
whether the command is
authorized. If yes, the command
can be executed.
Enable command
accounting
command accounting
Optional
z
By default, command accounting
is disabled. The accounting
server does not record the
commands executed by users.
z
Command accounting allows the
HWTACACS server to record all
executed commands that are
supported by the device,
regardless of the command
execution result. This helps
control and monitor user
operations on the device. If
command accounting is enabled
and command authorization is
not enabled, every executed
command is recorded on the
HWTACACS server. If both
command accounting and
command authorization are
enabled, only the authorized and
executed commands are
recorded on the HWTACACS
server.
Exit to system view
quit
—
Configure
the
authentic
Enter the
default ISP
domain view
domain
domain-name
Optional
By default, the AAA scheme is
local
.
Summary of Contents for SR6600 SPE-FWM
Page 112: ...6 101...