Configuring Login Authentication; Login Authentication - Cisco Catalyst 2950 Software Manual
Desktop switch software configuration guide
Hide thumbs
Also See for Catalyst 2950:
- Configuration manual (710 pages) ,
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages)
Table of Contents
Advertisement
Chapter 6
Configuring the System
Command
Step 1
tacacs-server host name [timeout
integer] [key string]
Step 2
tacacs-server retransmit retries
Step 3
tacacs-server timeout seconds
Step 4
tacacs-server attempts count
Step 5
tacacs-server key key
Step 6
exit
Step 7
show tacacs
Configuring Login Authentication
Beginning in privileged EXEC mode, follow these steps to configure login authentication by using
AAA/TACACS+:
Command
Step 1
configure terminal
Step 2
aaa new-model
Step 3
aaa authentication login {default |
list-name} method1 [method2...]
Step 4
line [aux | console | tty | vty]
line-number [ending-line-number]
Step 5
login authentication {default |
list-name}
Step 6
exit
Step 7
show running-config
The variable list-name is any character string used to name the list you are creating. The method variable
refers to the actual methods the authentication algorithm tries, in the sequence entered. You can choose
one of these methods:
•
•
78-11380-03
Purpose
Define a TACACS+ host.
Entering the timeout and key parameters with this command overrides the
global values that you can enter with the tacacs-server timeout (Step 3) and
the tacacs-server key commands (Step 5).
Enter the number of times the server searches the list of TACACS+ servers
before stopping.
The default is two.
Set the interval that the server waits for a TACACS+ server host to reply.
The default is 5 seconds.
Set the number of login attempts that can be made on the line.
Define a set of encryption keys for all of TACACS+ and communication
between the access server and the TACACS daemon.
Repeat the command for each encryption key.
Return to privileged EXEC mode.
Verify your entries.
Purpose
Enter global configuration mode.
Enable AAA/TACACS+.
Enable authentication at login, and create one or more lists of authentication
methods.
Enter line configuration mode, and configure the lines to which you want to
apply the authentication list.
Apply the authentication list to a line or set of lines.
Return to privileged EXEC mode.
Verify your entries.
line—Uses the line password for authentication. You must define a line password before you can
use this authentication method. Use the password password line configuration command.
local—Uses the local username database for authentication. You must enter username information
in the database. Use the username password global configuration command.
Catalyst 2950 Desktop Switch Software Configuration Guide
Configuring TACACS+
6-21
- Quick Links:
- Features
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
