Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentPowerConnect B-TI24x

931

932

933

934

935

936

937

938

939

940

902 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring RADIUS security

PowerConnect(config)# aaa authentication enable default radius local none

The command above causes RADIUS to be the primary authentication method for securing access

to Privileged EXEC level and CONFIG levels of the CLI. If RADIUS authentication fails due to an error

with the server, local authentication is used instead. If local authentication fails, no authentication

is used; the device automatically permits access.

Syntax: [no] aaa authentication enable | login default <method1> [<method2>] [<method3>]

[<method4>] [<method5>] [<method6>] [<method7>]

The web-server | enable | login parameter specifies the type of access this authentication-method

list controls. You can configure one authentication-method list for each type of access.

The <method1> parameter specifies the primary authentication method. The remaining optional

<method> parameters specify additional methods to try if an error occurs with the primary method.

A method can be one of the values listed in the Method Parameter column in the following table.

NOTE

For examples of how to define authentication-method lists for types of authentication other than

RADIUS, refer to “Configuring authentication-method lists” on page 907.

Entering privileged EXEC mode after a Telnet or SSH login

By default, a user enters User EXEC mode after a successful login through Telnet or SSH.

Optionally, you can configure the device so that a user enters Privileged EXEC mode after a Telnet

or SSH login. To do this, use the following command.

PowerConnect(config)# aaa authentication login privilege-mode

Syntax: aaa authentication login privilege-mode

The user privilege level is based on the privilege level granted during login.

TABLE 142 Authentication method values

Method parameter Description

line Authenticate using the password you configured for Telnet access. The Telnet password is

configured using the enable telnet password… command. Refer to “Setting a Telnet

password” on page 866.

enable Authenticate using the password you configured for the Super User privilege level. This

password is configured using the enable super-user-password… command. Refer to

“Setting passwords for management privilege levels” on page 866.

local Authenticate using a local user name and password you configured on the device. Local

user names and passwords are configured using the username… command. Refer to

“Configuring a local user account” on page 874.

tacacs Authenticate using the database on a TACACS server. You also must identify the server to

the device using the tacacs-server command.

tacacs+ Authenticate using the database on a TACACS+ server. You also must identify the server to

the device using the tacacs-server command.

radius Authenticate using the database on a RADIUS server. You also must identify the server to

the device using the radius-server command.

none Do not use any authentication method. The device automatically permits access.