Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentPowerConnect B-TI24x

941

942

943

944

945

946

947

948

949

950

908 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring authentication-method lists

• Local user accounts configured on the device

• Database on a TACACS or TACACS+ server

• Database on a RADIUS server

• No authentication

NOTE

The TACACS/TACACS+, RADIUS, and Telnet login password authentication methods are not

supported for SNMP access.

NOTE

To authenticate Telnet access to the CLI, you also must enable the authentication by entering the

enable telnet authentication command at the global CONFIG level of the CLI.

NOTE

You do not need an authentication-method list to secure access based on ACLs or a list of IP

addresses. Refer to “Using ACLs to restrict remote access” on page 857 or “Restricting remote

access to the device to specific IP addresses” on page 860.

In an authentication-method list for a particular access method, you can specify up to seven

authentication methods. If the first authentication method is successful, the software grants

access and stops the authentication process. If the access is rejected by the first authentication

method, the software denies access and stops checking.

However, if an error occurs with an authentication method, the software tries the next method on

the list, and so on. For example, if the first authentication method is the RADIUS server, but the link

to the server is down, the software will try the next authentication method in the list.

NOTE

If an authentication method is working properly and the password (and user name, if applicable) is

not known to that method, this is not an error. The authentication attempt stops, and the user is

denied access.

The software will continue this process until either the authentication method is passed or the

software reaches the end of the method list. If the Super User level password is not rejected after

all the access methods in the list have been tried, access is granted.

Configuration considerations for authentication- method lists

• For CLI access, you must configure authentication-method lists if you want the device to

authenticate access using local user accounts or a RADIUS server. Otherwise, the device will

authenticate using only the locally based password for the Super User privilege level.

• For devices that can be managed using Brocade Network Advisor, the default authentication

method (if no authentication-method list is configured for SNMP) is the CLI Super User level

password. If no Super User level password is configured, then access through Brocade

Network Advisor is not authenticated.