Table of Contents
Advertisement
Authentication, Authorization and Accounting (AAA) Commands
78-20269-01 Command Line Interface Reference Guide
Syntax
aaa authentication enable
no aaa authentication enable
Parameters
•
default—Uses the listed authentication methods that follow this argument
as the default method list, when accessing higher privilege levels.
•
list-name —Specifies a name for the list of authentication methods
activated when a user accesses higher privilege levels. (Length: 1–12
characters)
•
method [method2...]—Specifies a list of methods that the authentication
algorithm tries, in the given sequence. The additional authentication
methods are used only if the previous method returns an error, not if it fails.
Specify none as the final method in the command line to ensure that the
authentication succeeds, even if all methods return an error. Select one or
more methods from the following list:
Keyword
Description
enable
Uses the enable password for authentication.
line
Uses the line password for authentication.
none
Uses no authentication.
radius
Uses the list of all RADIUS servers for authentication.
Uses username "$enabx$." where x is the privilege
level.
tacacs
Uses the list of all TACACS servers for authentication.
Uses username "$enabx$." where x is the privilege
level.
Default Configuration
The enable password command is the default authentication login method. This is
the same as entering the command aaa authentication enable default enable.
On a console, the enable password is used if a password exists. If no password is
set, authentication still succeeds. This is the same as entering the command aaa
authentication enable default enable none.
Command Mode
Global Configuration mode
{default | list-name
method
}
{default | list-name
method2
[
...]
}
15
190
Advertisement
Table of Contents
