222
AAA Commands
Default Configuration
The default enable list is
enableList
. It is used by console, telnet, and SSH
and only contains the method
none
.
Command Mode
Global Configuration mode
User Guidelines
The default and optional list names created with the
aaa authentication
enable
command are used with the
enable authentication
command.
Create a list by entering the
aaa authentication enable
list-name method
command where
list-name
is any character string used to name this list. The
method
argument identifies the list of methods that the authentication
algorithm tries in the given sequence.
The additional methods of authentication are used only if the previous
method returns an error, not if it fails to authenticate the user. Only the
RADIUS or TACACS methods can return an error. To ensure that the
authentication succeeds even if all methods return an error, specify
none
as
the final method in the command line. Note that
enable
will not succeed for
a level one user if no authentication method is defined. A level one user must
authenticate to get to privileged EXEC mode. For example, if
none
is
specified as an authentication method after
radius
, no authentication is used
if the RADIUS server is down.
NOTE: Requests sent by the switch to a RADIUS server include the username
"$enabx$", where x is the requested privilege level. For enable to be authenticated
on Radius servers, add "$enabx$" users to them. The login user ID is also sent to
servers for enable authentication.
Example
The following example sets authentication when accessing higher privilege
levels.
console(config)# aaa authentication enable default enable
2CSNXXX_SWUM200.book Page 222 Tuesday, December 10, 2013 1:22 PM
Содержание Networking 2048
Страница 82: ...Contents 82 ...
Страница 216: ...216 Layer 2 Switching Commands ...
Страница 248: ...248 AAA Commands ...
Страница 256: ...256 Administrative Profiles Commands ...
Страница 278: ...278 ACL Commands ...
Страница 296: ...296 Address Table Commands ...
Страница 344: ...344 DHCP Snooping Commands ...
Страница 356: ...356 Dynamic ARP Inspection Commands 12 Enabled Disabled ...
Страница 414: ...414 Ethernet Configuration Commands ...
Страница 465: ...IGMP Snooping Commands 465 Example console config ip igmp snooping vlan 10 mrouter interface Gi1 0 2 ...
Страница 466: ...466 IGMP Snooping Commands ...
Страница 476: ...476 IGMP Snooping Querier Commands ...
Страница 508: ...508 IPv6 Access List Commands ...
Страница 520: ...520 IPv6 MLD Snooping Commands ...
Страница 528: ...528 IPv6 MLD Snooping Querier Commands ...
Страница 550: ...550 Link Dependency Commands ...
Страница 574: ...574 LLDP Commands ...
Страница 606: ...606 Port Channel Commands ...
Страница 626: ...626 MLAG ...
Страница 634: ...634 Port Monitor Commands ...
Страница 728: ...728 RADIUS Commands ...
Страница 780: ...780 TACACS Commands ...
Страница 790: ...790 UDLD Commands User Guidelines This command has no user guidelines ...
Страница 840: ...840 Voice VLAN Commands ...
Страница 878: ...878 802 1x Commands ...
Страница 880: ...880 Data Center Technology Commands ...
Страница 915: ...Priority Flow Control Commands 915 Te1 0 23 0 2 4 7 3 Active Te1 0 24 0 7 Inactive ...
Страница 916: ...916 Priority Flow Control Commands ...
Страница 918: ...918 Layer 3 Commands ...
Страница 958: ...958 DHCP Server and Relay Agent Commands ...
Страница 994: ...994 DHCPv6 Snooping Commands ...
Страница 1002: ...1002 DVMRP Commands ...
Страница 1006: ...1006 GMRP Commands ...
Страница 1028: ...1028 IGMP Proxy Commands ...
Страница 1080: ...1080 IP Routing Commands ...
Страница 1131: ...IPv6 Routing Commands 1131 2 2001 2 12 msec 13 msec 12 msec 3 2001 2 14 msec 9 msec 11 msec ...
Страница 1132: ...1132 IPv6 Routing Commands ...
Страница 1136: ...1136 Loopback Interface Commands ...
Страница 1165: ...Multicast Commands 1165 ...
Страница 1166: ...1166 Multicast Commands ...
Страница 1188: ...1188 IPv6 Multicast Commands ...
Страница 1189: ...IPv6 Multicast Commands 1189 ...
Страница 1190: ...1190 IPv6 Multicast Commands ...
Страница 1276: ...1276 OSPF Commands console config router timers spf 20 30 ...
Страница 1356: ...1356 Routing Information Protocol Commands ...
Страница 1362: ...1362 Tunnel Interface Commands ...
Страница 1384: ...1384 Virtual Router Redundancy Protocol Commands ...
Страница 1386: ...1386 Utility Commands ...
Страница 1426: ...1426 Captive Portal Commands ...
Страница 1450: ...1450 Clock Commands ...
Страница 1456: ...1456 Command Line Configuration Scripting Commands ...
Страница 1476: ...1476 Configuration and Image File Commands ...
Страница 1520: ...1520 Password Management Commands ...
Страница 1538: ...1538 Power Over Ethernet Commands Example console config show power inline firmware version Unit Firmware Version 1 248_48 ...
Страница 1564: ...1564 SDM Templates Commands ...
Страница 1596: ...1596 Serviceability Tracing Packet Commands ...
Страница 1608: ...1608 Sflow Commands ...
Страница 1634: ...1634 SNMP Commands ...
Страница 1646: ...1646 SSH Commands IP Address User Name Idle Time SessionTime 10 240 1 122 John 00 00 00 00 00 08 ...
Страница 1668: ...1668 Syslog Commands ...
Страница 1744: ...1744 System Management Commands ...
Страница 1750: ...1750 Terminal Length Commands ...
Страница 1762: ...1762 USB Flash Drive Commands ...
Страница 1786: ...1786 Web Server Commands ...
Страница 1821: ...W write 1474 write core 1593 ...
Страница 1822: ...www dell com support dell com Printed in the U S A ...
Страница 1823: ......