Configuring Aaa Authentication And Aaa Authorization - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04 Configuration Manual

show line vty

Configuring AAA Authentication and AAA Authorization

Copyright © 2010, Juniper Networks, Inc.
Use to display the configuration of a vty line.
Field descriptions
access-class—Access-class associated with the vty line
data-character-bits—Number of bits per character
7—Setting for the standard ASCII set
8—Setting for the international character set
exec-timeout—Time interval that the terminal waits for expected user input
Never—Indicates that there is no time limit
exec-banner—Status for the exec banner: enabled or disabled. This banner is
displayed by the CLI after user authentication (if any) and before the first prompt of
a CLI session.
motd-banner—Status for the message of the day (MOTD) banner: enabled or
disabled. This banner is displayed by the CLI when a connection is initiated.
login-timeout—Time interval during which the user must log in.
Never—Indicates that there is no time limit
Example
host1#show line vty 0
no access-class in
data-character-bits 8
exec-timeout 3w 3d 7h 20m 0s
exec-banner enabled
motd-banner enabled
login-timeout 30 seconds
See show line vty.
Before you configure AAA authentication and AAA authorization, you need to configure
a RADIUS and/or TACACS+ authentication server. Note that several of the steps in the
configuration procedure are optional.
To configure AAA new model authentication and authorization for inbound sessions to
vty lines on your router:
Specify AAA new model authentication.
1.
host1(config)#aaa new-model
Create an authentication list that specifies the types of authentication methods
2.
allowed.
host1(config)#aaa authentication login my_auth_list tacacs+ line enable
Chapter 7: Passwords and Security
415