DES-7200 Configuration Guide Chapter 1 AAA Configuration
1-9
Caution
Since the keyword "none" enables any dialup user can pass the authentication
even if the security server has no reply, it is only used as the backup
authentication method. We suggest not using the "none" identity authentication
in general cases. In special case when all possible dialup users are trustful, and
no delay due to system fault is allowed for the user's work, it is possible to use
"none" as the last identity authentication method in case the security server has
no reply. And we recommend adding the local authentication method before the
“none” authentication method.
Keyword Description
local
Use the local username database for
authentication
none
Do not perform authentication
group radius
Use Radius for authentication
The table above lists the AAA login authentication methods supported by our product.
1.3.5.1 Using the local database for
Login authentication
To configure the login authentication with local database, it is required to configure the local
database first. Our product supports authentication based on the local database. To establish
the username authentication, run the following commands in the global configuration mode:
Command Function
configure terminal
Enter the global configuration mode.
username name [password password] or
username name [access-class number]
Establish the username authentication using
the password, or the access list.
username name [privilege level]
(Optional) Set the privilege level for the user.
username name [autocommand
command]
(Optional) Set the command auto-executed
after the user login.
end
Return to the privileged mode.
show running-config
Confirm the configuration.
To define the local login authentication method list and apply it, run the following commands:
Command Function
configure terminal
Enter the global configuration mode.
aaa new-model
Turn on the AAA switch.