Owner's Manual
58 AAA Commands
www.dell.com | support.dell.com
Create a list by entering the
aaa
authentication login
list-name method
command for a
particular protocol, where
list-name
is any character string used to name this list. The
method
argument identifies the list of methods that the authentication algorithm tries, in the given
sequence.
The additional methods of authentication are used only if the previous method returns an
error, not if it fails. To ensure that the authentication succeeds even if all methods return an
error, specify
none
as the final method in the command line. Spaces cannot be used in the
string which defines the list-name.
NOTE: Make sure that the given sequence of authentication methods is sensible. For example, a
sequence where Radius follows None is not sensible because None requires no authentication and,
therefore, the process will never require Radius authentication.
Example
The following example configures authentication login.
aaa authentication enable
The
aaa
authentication enable
global configuration command defines authentication method lists
for accessing higher privilege levels. To return to the default configuration use the
no
form of this
command.
Syntax
aaa authentication enable
{
default
|
list-name
}
method1
[
method2
...]
no aaa authentication enable default
•
default
—Uses the listed authentication methods that follow this argument as the default
list of methods, when using higher privilege levels.
•
list-name
—Character string used to name the list of authentication methods activated,
when using access higher privilege levels.
•
method1
[
method2
...]—Specify at least one from the following table:
Console (config)# aaa authentication login default radius local
enable none
Keyword Source or destination
enable Uses the enable password for authentication.
line Uses the line password for authentication.
none Uses no authentication.
tacacs Uses the list of all TACACS+ servers for authentication.