Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch
881882883884885886887888889890
To view the conguration, use the show config in LINE mode or the show running-config command in EXEC Privilege mode.
Dening a AAA Method List to be Used for RADIUS
To congure RADIUS to authenticate or authorize users on the system, create a AAA method list.
Default method lists do not need to be explicitly applied to the line, so they are not mandatory.
To create a method list, use the following commands.
Enter a text string (up to 16 characters long) as the name of the method list you wish to use with the RADIUS authentication method.
CONFIGURATION mode
aaa authentication login method-list-name radius
Create a method list with RADIUS and TACACS+ as authorization methods.
CONFIGURATION mode
aaa authorization exec {method-list-name | default} radius tacacs+
Typical order of methods: RADIUS, TACACS+, Local, None.
If RADIUS denies authorization, the session ends (RADIUS must not be the last method specied).
Applying the Method List to Terminal Lines
To enable RADIUS AAA login authentication for a method list, apply it to a terminal line.
To congure a terminal line for RADIUS authentication and authorization, use the following commands.
Enter LINE mode.
CONFIGURATION mode
line {aux 0 | console 0 | vty number [end-number]}
Enable AAA login authentication for the specied RADIUS method list.
LINE mode
login authentication {method-list-name | default}
This procedure is mandatory if you are not using default lists.
To use the method list.
CONFIGURATION mode
authorization exec methodlist
Specifying a RADIUS Server Host
When conguring a RADIUS server host, you can set dierent communication parameters, such as the UDP port, the key password, the
number of retries, and the timeout.
To specify a RADIUS server host and congure its communication parameters, use the following command.
Enter the host name or IP address of the RADIUS server host.
CONFIGURATION mode
radius-server host {hostname | ip-address} [auth-port port-number] [retransmit retries]
[timeout seconds] [key [encryption-type] key]
Congure the optional communication parameters for the specic host:
888
Security