VTY Line and Access-Class
Configuration
Various methods are available to restrict VTY access in the Dell Networking OS. These depend on which
authentication scheme you use — line, local, or remote.
Table 80. VTY Access
Authentication Method
Line
Local
TACACS+
RADIUS
The system provides several ways to configure access classes for VTY lines, including:
•
VTY Line Local Authentication and Authorization
•
VTY Line Remote Authentication and Authorization
VTY Line Local Authentication and
Authorization
The system retrieves the access class from the local database.
To use this feature:
1
Create a username.
2
Enter a password.
3
Assign an access class.
4
Enter a privilege level.
You can assign line authentication on a per-VTY basis; it is a simple password authentication, using an
access-class as authorization.
Configure local authentication globally and configure access classes on a per-user basis.
The system can assign different access classes to different users by username. Until users attempt to log in,
the system does not know if they will be assigned a VTY line. This means that incoming users always see a
login prompt even if you have excluded them from the VTY line with a deny-all access class. After users
identify themselves, the system retrieves the access class from the local database and applies it. (The system
can then close the connection if a user is denied access.)
VTY access-class
support?
YES
NO
YES
YES
Username access-class
support?
NO
YES
NO
NO
Remote authorization
support?
NO
NO
YES
YES
Security
1010