Creating A Named List For The Enable Mode Authentication - HP ProCurve 7000dl Series Basic Management And Configuration Manual
Procurve 7000dl series secure router
Hide thumbs
Also See for ProCurve 7000dl Series:
- Quickspecs (18 pages) ,
- Basic management and configuration manual (817 pages)
Table of Contents
Advertisement
Controlling Management Access to the ProCurve Secure Router
Using the AAA Subsystem to Control Management Access
N o t e
2-18
Creating a Named List for the Enable Mode Authentication
To create a named list for the enable mode, you must determine the authenti-
cation methods you want to use and the order in which you want the authenti-
cation methods applied. You then use the aaa authentication command to
specify both the name of the list and its contents. When you create a named list
for the enable mode, you always specify that you are creating the default named
list; you cannot create a named list with a different name.
If you enable the AAA subsystem but do not configure a named list for the
enable mode, the Secure Router OS uses the enable mode password by default.
From the global configuration mode context, enter:
Syntax: aaa authentication enable default [line | enable | none | {group <groupname>
| radius | tacacs+}]
The options that you can use to authenticate users who attempt to access the
enable mode are included in Table 2-1.
Table 2-1.
Authentication Options for the Enable Mode Named List
Option
line
enable
none
group [<groupname> | radius |
tacacs+]
When you configure a named list for authentication, you can include more than
one option in a command. For example, you may decide that when a user
attempts to access the enable mode context, you want the ProCurve Secure
Router to use the following authentication methods, in the order they are
listed:
Meaning
Requires users to enter the password configured for the
Telnet or the console line.
Requires users to enter the password configured for the
enable mode context.
Does not require a password. If you enter multiple access
methods (such as line or enable), you must enter the none
option last.
Specifies that the ProCurve Secure Router should contact an
access server to authenticate users:
• group of RADIUS or TACACS+ servers that you have
configured
• all the RADIUS servers that you have defined (if you have
not defined a group of RADIUS servers)
• all the TACACS+ servers that you have defined (if you have
not defined a group of TACACS+ servers)
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
