Cisco Catalyst 4500 Series Software Configuration Manual page 164
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Controlling Access to Privileged EXEC Commands
Command
Step 3
aaa authentication login
}
list-name
method1
[
|
Step 4
line
console
tty
[ending-line-number
Step 5
login authentication
}
list-name
Step 6
end
Step 7
show running-config
Step 8
copy running-config startup-config
To disable AAA, use the no aaa new-model global configuration command. To disable AAA
authentication, use the no aaa authentication login {default | list-name} method1 [method2...] global
configuration command. To either disable TACACS+ authentication for logins or to return to the default
value, use the no login authentication {default | list-name} line configuration command.
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
3-20
Purpose
{
|
Creates a login authentication method list.
default
[
]
method2...
•
•
•
Select one of these methods:
•
•
•
•
•
•
|
]
Enters line configuration mode, and configures the lines to which you
vty
line-number
]
want to apply the authentication list.
{
|
Applies the authentication list to a line or set of lines.
default
•
•
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Chapter 3
To create a default list that is used when a named list is not specified
in the login authentication command, use the default keyword
followed by the methods that you plan to use in default situations. The
default method list is automatically applied to all ports.
For list-name, specify a character string to name the list you are
creating.
For method1..., specify the actual method the authentication
algorithm tries. The additional methods of authentication are used
only if the previous method returns an error, not if it fails.
enable—Use the enable password for authentication. Before you can
use this authentication method, you must define an enable password
by using the enable password global configuration command.
group tacacs+—Uses TACACS+ authentication. Before you can use
this authentication method, you must configure the TACACS+ server.
For more information, see the
and Setting the Authentication Key" section on page
line—Use the line password for authentication. Before you can use
this authentication method, you must define a line password. Use the
password password line configuration command.
local—Use the local username database for authentication. You must
enter username information in the database. Use the username
password global configuration command.
local-case—Use a case-sensitive local username database for
authentication. You must enter username information in the database
by using the username name password global configuration
command.
none—Do not use any authentication for login.
If you specify default, use the default list created with the aaa
authentication login command.
For list-name, specify the list created with the aaa authentication
login command.
Configuring the Switch for the First Time
"Identifying the TACACS+ Server Host
3-18.
Advertisement
Chapters
Table of Contents
Troubleshooting
