AAA authentication through a RADIUS or TACACS+ server must be
◆
enabled before authorization is enabled.
P
ARAMETERS
These parameters are displayed:
Configure Method
◆
Authorization Type – Specifies the service as Exec, indicating
administrative authorization for local console, Telnet, or SSH
connections.
Method Name – Specifies an authorization method for service
◆
requests. The "default" method is used for a requested service if no
other methods have been defined. (Range: 1-64 characters)
◆
Server Group Name - Specifies the authorization server group.
(Range: 1-64 characters)
The group name "tacacs+" specifies all configured TACACS+ hosts (see
"Configuring Local/Remote Logon Authentication" on page
other group name refers to a server group configured on the TACACS+
Group Settings page. Authorization is only supported for TACACS+
servers.
Configure Service
Authorization Type – Specifies the service as Exec, indicating
◆
administrative authorization for local console, Telnet, or SSH
connections.
Console Method Name – Specifies a user defined method name to
◆
apply to console connections.
◆
VTY Method Name – Specifies a user defined method name to apply
to Telnet connections.
Show Information
Authorization Type - Displays the authorization service.
◆
Method Name - Displays the user-defined or default accounting
◆
method.
Server Group Name - Displays the authorization server group.
◆
Interface - Displays the console or Telnet interface to which these
◆
rules apply. (This field is null if the authorization method and associated
server group has not been assigned to an interface.)
– 361 –
| Security Measures
C
13
HAPTER
AAA Authorization and Accounting
349). Any