Table of Contents
Advertisement
authentication login
E
XAMPLE
Console(config)#authentication enable radius
Console(config)#
R
C
ELATED
OMMANDS
enable password
- sets the password for changing command modes (584)
This command defines the login authentication method and precedence.
Use the no form to restore the default.
S
YNTAX
authentication login {[local] [radius] [tacacs]}
no authentication login
local - Use local password.
radius - Use RADIUS server password.
tacacs - Use TACACS server password.
D
S
EFAULT
ETTING
Local
C
M
OMMAND
ODE
Global Configuration
C
U
OMMAND
SAGE
RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort
◆
delivery, while TCP offers a connection-oriented transport. Also, note
that RADIUS encrypts only the password in the access-request packet
from the client to the server, while TACACS+ encrypts the entire body
of the packet.
RADIUS and TACACS+ logon authentication assigns a specific privilege
◆
level for each user name and password pair. The user name, password,
and privilege level must be configured on the authentication server.
◆
You can specify three authentication methods in a single command to
indicate the authentication sequence. For example, if you enter
"authentication login radius tacacs local," the user name and
password on the RADIUS server is verified first. If the RADIUS server is
not available, then authentication is attempted on the TACACS+ server.
If the TACACS+ server is not available, the local user name and
password is checked.
E
XAMPLE
Console(config)#authentication login radius
Console(config)#
– 587 –
| Authentication Commands
C
24
HAPTER
Authentication Sequence
- Quick Links:
- Connecting to the Switch
- Resetting the System
Hide quick links:
Advertisement
Chapters
Table of Contents
