Manualshelf

User Manual

ManualsBrandsPLANET Technology ManualsLAN SwitchesLayer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch
81828384858687888990
89
Users Manual of XGS-6350-24X4C
Command Purpose
aaa authorization exec {default |
list-name}method1 [method2...]
Establishes global authorization list.
line [console | vty ] line-number
[ending-line-number]
Enters the line configuration mode for
the lines to which you want to apply
the authorization method list.
login authorization {default | list-name}
Applies the authorization list to a line
or set of lines(in line configuration
mode).
The keyword list-name is the character string used to name the list of authorization methods.
The keyword method specifies the actual method during authorization process. Method lists enable you to
designate one or more security protocols to be used for authorization, thus ensuring a backup system in case
the initial method fails. The system uses the first method listed to authorize users for specific network services;
if that method fails to respond, the system selects the next method listed in the method list. This process
continues until there is successful communication with a listed authorization method, or all methods defined
are exhausted. If all specified methods fail to respond, and you still want the system to enter the EXEC shell,
you should specify none as the last authorization method in command line.
Use default parameter to establish a default list, and the default list will apply to all interfaces automatically.
For example, use the following command to specify radius as the default authorization method for exec:
aaa authorization exec default group radius
If no method list is defined, the local authorization service will be unavailable and
the authorization is allowed to pass.
The following table lists the currently supported EXEC authorization mode:
Keyword Description
group WORD
Uses a named server group for authorization.
group radius Uses radius authorization.
local Uses the local database for authorization.
if-authenticated
Allows the user to access the requested function if the user is
authenticated.
none No authorization is performed.
6.1.8 AAA Authorization Example
EXEC local authorization example
aaa authentication login default local
aaa authorization exec default local
!