Manualshelf

mac

ManualsBrandsip ManualsNetworkingipv6
51525354555657585960
Commands for Basic Switch Configuration
52
whether command accounting configures start-stop method or stop-only method.
Example: Configure the command accounting with the telnet method.
Switch(config)#authorization line vty command 15 start-stop tacacs
1.2.3 authentication enable
Command: authentication enable method1 [method2]
no authentication enable
Function: Configure the list of the enable authentication method. The no command
restores the default authentication method.
Parameters: method is the list of the authentication method, it must be among local,
tacacs and radius keywords; local uses the local database to authenticate; tacacs
uses the remote TACACS+ authentication server to authenticate; radius uses the
remote RADIUS authentication server to authenticate.
Default: The local authentication is enable command by default.
Command Mode: Global Mode.
Usage Guide: The enable authentication method can be any one or combination of
Local, RADIUS and TACACS. When login method is configuration in combination, the
preference goes from left to right. If the users have passed the authentication method,
authentication method of lower preferences will be ignored. To be mentioned, if the user
receives corresponding protocols answer whether refuse or incept, it will not attempt the
next authentication method (Exception: if the local authentication method failed, it will
attempt the next authentication method); it will attempt the next authentication method if
it receives nothing. And AAA function RADIUS server should be configured before the
RADIUS configuration method can be used. And TACACS server should be configured
before the TACACS configuration method can be used.
Example: Configure the enable authentication method to be tacacs and local.
Switch(config)#authentication enable tacacs local
1.2.4 authentication ip access-class
Command: authentication ip access-class {<num-std>|<name>}
no authentication ip access-class
Function: Binding standard IP ACL protocol to login with Telnet/SSH/Web; the no form
command will cancel the binding ACL.
Parameters: <num-std> is the access-class number for standard numeric ACL, ranging
between 1-99; <name> is the access-class name for standard ACL, the character string
length is ranging between 1 and 32.
Default: The binding ACL to Telnet/SSH/Web function is closed by default.