15
Usage guidelines
You can specify one primary authentication method and multiple backup authentication methods.
When the primary method is invalid, the device attempts to use the backup methods in sequence.
For example, the
authentication login radius-scheme
radius-scheme-name
local
none
command
specifies the default primary RADIUS authentication method and two backup methods (local
authentication and no authentication). The device performs RADIUS authentication by default and
performs local authentication when the RADIUS server is invalid. The device does not perform
authentication when both of the previous methods are invalid.
Examples
# In ISP domain
test
, perform local authentication for login users.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authentication login local
# In ISP domain
test
, perform RADIUS authentication for login users based on scheme
rd
and use
local authentication as the backup.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authentication login radius-scheme rd local
Related commands
authentication default
hwtacacs scheme
ldap scheme
local-user
radius scheme
authentication onu
Use
authentication onu
to specify authentication methods for ONU users.
Use
undo authentication
onu
to restore the default.
Syntax
In non-FIPS mode:
authentication onu
{
local
[
none
] |
none
|
radius-scheme
radius-scheme-name
[
local
]
[
none
]
}
undo authentication onu
In FIPS mode:
authentication onu
{
local
|
radius-scheme
radius-scheme-name
[
local
] }
undo authentication onu
Default
The default authentication methods of the ISP domain are used for ONU users.
Views
ISP domain view
Predefined user roles
network-admin