Configuring User Role Authentication - HPE FlexNetwork 5510 HI Series Fundamentals Configuration Manual

Hide thumbs Also See for FlexNetwork 5510 HI Series:

Configuration manual (572 pages)

Security configuration manual (551 pages)

Mpls configuration manual (505 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

Table of Contents

b. The default ISP domain.

•

If you execute the quit command after obtaining user role authorization, you are logged out of

the device.

Table 11 User role authentication modes

Keywords

local

scheme

local

scheme

local

Configuring user role authentication

Step

Enter system view.

Set

authentication

mode.

(Optional.)

the default target

user

temporary user role

authorization.

Set

authentication

password for a user

role.

Authentication mode

Local

password

authentication

(local-only)

Remote AAA authentication

through

HWTACACS

RADIUS (remote-only)

Local

password

authentication first, and then

remote AAA authentication

(local-then-remote)

Remote AAA authentication

first,

and

then

password

authentication

(remote-then-local)

Command

system-view

super authentication-mode

{ local | scheme } *

Specify

role

for

super default role rolename

•

local

super password [ role

rolename ] [ { hash |

simple } password ]

•

Description

The device uses the locally configured password for

authentication.

only

If no local password is configured for a user role in this

mode, an AUX user can obtain the user role authorization by

either entering a string or not entering anything.

The device sends the username and password to the

HWTACACS or RADIUS server for remote authentication.

To use this mode, you must perform the following

configuration tasks:

•

Configure the required HWTACACS or RADIUS

scheme, and configure the ISP domain to use the

scheme for the user. For more information, see

Security Configuration Guide.

•

Add the user account and password on the

HWTACACS or RADIUS server.

Local password authentication is performed first.

If no local password is configured for the user role in this

mode:

•

The device performs remote AAA authentication for

VTY users.

•

An AUX user can obtain another user role by either

entering a string or not entering anything.

Remote AAA authentication is performed first.

Local password authentication is performed in either of the

local

following situations:

•

The HWTACACS or RADIUS server does not respond.

•

The remote AAA configuration on the device is invalid.

Remarks

N/A

By default, local-only authentication applies.

By default, the default target user role is

network-admin.

non-FIPS

mode:

Use this step for local password authentication.

By default, no password is configured.

If you do not specify the role rolename option,

the command sets a password for the default

FIPS

mode:

Table of Contents

Show Quick Links

Quick Links:
Using the Cli

Hide quick links:

Table of Contents

Troubleshooting

Need help?

Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?

Configuring User Role Authentication - HPE FlexNetwork 5510 HI Series Fundamentals Configuration Manual

Configuring user role authentication

Hide quick links:

Troubleshooting

Need help?

Related Manuals for HPE FlexNetwork 5510 HI Series

Related Content for HPE FlexNetwork 5510 HI Series

Table of Contents