Configuring AAA
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
The following example shows how to configure authentication methods for the console login:
switch# configure terminal
switch(config)# aaa authentication login console group radius
switch(config)# exit
switch# show aaa authentication
switch# copy running-config startup-config
Configuring Default Login Authentication Methods
The authentication methods include the following:
• Global pool of RADIUS servers
• Named subset of RADIUS or TACACS+ servers
• Local database on the Nexus 5000 Series switch
• Username only
The default method is local.
Before you configure default login authentication methods, configure RADIUS or TACACS+ server groups
as needed. To configure default login authentication methods, perform this task:
OL-16597-01
Command or Action
switch# configure terminal
switch(config)# aaa
authentication login console
{group group-list [none] | local
| none}
switch(config)# exit
switch# show aaa authentication
switch# copy running-config
startup-config
Configuring Default Login Authentication Methods
Purpose
Enters configuration mode.
Configures login authentication methods for the console.
The group-list argument consists of a space-delimited list of
group names. The group names are the following:
• radius —Uses the global pool of RADIUS servers for
authentication.
• named-group —Uses a named subset of TACACS+ or
RADIUS servers for authentication.
The local method uses the local database for authentication.
The none method uses the username only.
The default console login method is local , which is used
when no methods are configured or when all of the configured
methods fail to respond.
Exits configuration mode.
(Optional)
Displays the configuration of the console login authentication
methods.
(Optional)
Copies the running configuration to the startup configuration.
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
233