Configuration Guide (Supporting R2.2.0.0) Owner's manual
Brocade 6910 Ethernet Access Switch Configuration Guide 139
53-1002651-02
Chapter
9Authentication Commands
In this chapter
This switch can be configured to authenticate users logging into the system for management
access using local or remote authentication methods. Port-based authentication using IEEE
802.1X can also be configured to control either management access to the uplink ports or client
access
3
to the data ports.
User Accounts
The basic commands required for management access are listed in this section. This switch also
includes other options for password checking via the console or a Telnet connection (see “Line” on
page 75), user authentication via a remote authentication server, and host access authentication
for specific ports (see “802.1X Port Authentication” on page 172).
TABLE 33 Authentication Commands
Command Group Function
User Accounts Configures the basic user names and passwords for management access
Authentication Sequence Defines logon authentication method and precedence
RADIUS Client Configures settings for authentication via a RADIUS server
TACACS+ Client Configures settings for authentication via a TACACS+ server
AAA Configures authentication, authorization, and accounting for network access
Web Server Enables management access via a web browser
Telnet Server Enables management access via Telnet
Secure Shell Provides secure replacement for Telnet
802.1X Port Authentication Configures host authentication on specific ports using 802.1X
Management IP Filter Configures IP addresses that are allowed management access
3. For other methods of controlling client access, see “General Security Measures” on page 189.
TABLE 34 User Access Commands
Command Function Mode
enable password Sets a password to control access to the Privileged Exec level GC
username Establishes a user name-based authentication system at login GC