Manualshelf

Administrator Guide

ManualsBrandsDell ManualsserversDell Force10 MXL Blade
61626364656667686970
Example of an ACL that Permits Terminal Access
To view the conguration, use the show config command in LINE mode.
Dell(config-std-nacl)#show config
!
ip access-list standard myvtyacl
seq 5 permit host 10.11.0.1
Dell(config-std-nacl)#line vty 0
Dell(config-line-vty)#show config
line vty 0
access-class myvtyacl
Dell OS Behavior: Prior to Dell OS version 7.4.2.0, in order to deny access on a VTY line, apply an ACL and accounting,
authentication, and authorization (AAA) to the line. Then users are denied access only after they enter a username and password.
Beginning in Dell OS version 7.4.2.0, only an ACL is required, and users are denied access before they are prompted for a username
and password.
Conguring Login Authentication for Terminal Lines
You can use any combination of up to six authentication methods to authenticate a user on a terminal line.
A combination of authentication methods is called a method list. If the user fails the rst authentication method, the system prompts
the next method until all methods are exhausted, at which point the connection is terminated. The available authentication methods
are:
enable
Prompt for the enable password.
line
Prompt for the password you assigned to the terminal line. Congure a password for the terminal line to
which you assign a method list that contains the line authentication method. Congure a password using the
password command from LINE mode.
local
Prompt for the system username and password.
none
Do not authenticate the user.
radius
Prompt for a username and password and use a RADIUS server to authenticate.
tacacs+
Prompt for a username and password and use a TACACS+ server to authenticate.
1. Congure an authentication method list. You may use a mnemonic name or use the default keyword. The default
authentication method for terminal lines is
local and the default method list is empty.
CONFIGURATION mode
aaa authentication login {method-list-name | default} [method-1] [method-2] [method-3]
[method-4] [method-5] [method-6]
2. Apply the method list from Step 1 to a terminal line.
CONFIGURATION mode
login authentication {method-list-name | default}
3. If you used the line authentication method in the method list you applied to the terminal line, congure a password for the
terminal line.
LINE mode
password
Example of Terminal Line Authentication
In the following example, VTY lines 0-2 use a single authentication method, line.
Dell(conf)#aaa authentication login myvtymethodlist line
Dell(conf)#line vty 0 2
Dell(config-line-vty)#login authentication myvtymethodlist
Management
69