Aaa Authorization - NETGEAR M6100 Series Reference Manual

Default default
Format
aaa authentication enable {default | list-name} method1 [method2...]
Mode Global Config
Parameter Description
default Uses the listed authentication methods that follow this argument as the default list of methods, when
using higher privilege levels.
list-name Character string used to name the list of authentication methods activated, when using access
higher privilege levels. Range: 1-15 characters.
method1 Specify at least one from the following:
[method2...]
• deny. Used to deny access.
• enable. Uses the enable password for authentication.
• line. Uses the line password for authentication.
• none. Uses no authentication.
• radius. Uses the list of all RADIUS servers for authentication.
• tacacs. Uses the list of all TACACS+ servers for authentication.
Command example:
The following example sets authentication to access higher privilege levels:
(NETGEAR Switch)(config)# aaa authentication enable default enable
no aaa authentication enable
Use this command to return to the default configuration.
Format
no aaa authentication enable {default | list-name}
Mode Global Config

aaa authorization

Use this command to configure command and exec authorization method lists. This list is
identified by default or a user-specified list-name. If tacacs is specified as the
authorization method, authorization commands are notified to a TACACS+ server. If none is
specified as the authorization method, command authorization is not applicable. A maximum
of five authorization method lists can be created for the commands type.
Note: Local method is not supported for command authorization. Command
authorization with RADIUS will work if, and only if, the applied
authentication method is also radius.
M6100 Series Switches
Management Commands
80