Download Print this page

Aaa Authentication Enable Default Group Tacacs - Allied Telesis IE340 Series Command Reference Manual

Industrial ethernet layer 3 switches
Hide thumbs Also See for IE340 Series:

Advertisement

AAA C
OMMANDS

AAA AUTHENTICATION ENABLE DEFAULT GROUP TACACS

aaa authentication enable default group
tacacs+
Overview
This command enables privilege level authentication against a TACACS+ server.
Use the no variant of this command to disable privilege level authentication.
TACACS+ is not available in Secure Mode (see the
Syntax
aaa authentication enable default group tacacs+ [local] [none]
no aaa authentication enable default
Default
Local privilege level authentication is enabled by default
enable default local
Mode
Global Configuration
Usage notes
A user is configured on a TACACS+ server with a maximum privilege level. When
they enter the
enable password which is authenticated against the TACACS+ server. If the
password is correct and the specified privilege level is equal to or less than the
users maximum privilege level, then they are granted access to that level. If the
user attempts to access a privilege level that is higher than their maximum
configured privilege level, then the authentication session will fail and they will
remain at their current privilege level.
NOTE
If the TACACS+ server goes offline, or is not reachable during enable password
authentication, and command level authentication is configured as:
C613-50631-01 Rev A
+
Parameter
Description
local
Use the locally configured enable password (enable password
command) for authentication.
none
No authentication.
command).
enable (Privileged Exec mode)
: If both local and none are specified, you must always specify local first.
aaa authentication enable default group tacacs+
then the user is never granted access to Privileged Exec mode.
aaa authentication enable default group tacacs+ local
then the user is authenticated using the locally configured enable password,
which if entered correctly grants the user access to Privileged Exec mode. If
no enable password is locally configured (enable password command),
then the enable authentication will fail until the TACACS+ server becomes
available again.
Command Reference for IE340 Series
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
crypto secure-mode
(aaa authentication
command they are prompted for an
command).
2362

Hide quick links:

Advertisement

loading

This manual is also suitable for:

Ie340-12gpIe340-12gtIe340-20gpIe340l-18gp