Filter
Top Products
DES-7200 Configuration Guide Chapter 1 AAA Configuration
1-11
Command Function
end
Return to the privileged mode.
show aaa method-list
Confirm the configured method list.
configure terminal
Enter the global configuration mode.
line vty line-num
Enter the line configuration mode
login authentication {default |
list-name}
Apply the method list.
end
Return to the privileged mode.
show running-config
Confirm the configuration.
1.3.6 Configuring the AAA
Enable Authentication
This section deals with how to configure the AAA Enable authentication methods supported by
our product:
In many cases, the user needs to Telnet the network access server (NAS). After passing the
authentication, the user enters the Command Line Interface (CLI) and is assigned an initial
command execution privilege (0-15 level). You can execute different commans in different
levels and use the show privilege command to display the current level. For the details, see
using the CLI.
After logging in the CLI, you can use the enable command to improve the privilege level if you
fail to execute some commands due to low initial privilege level. To prevent the unauthorized
access to the network, the identity authentication, named Enable authentication, is necessary
when improving the privilege level.
To configure the AAA Enable authentication, execute the following command in the global
configuration mode:
Command Function
configure terminal
Enter the global configuration mode.
aaa new-model
Enable AAA.
aaa authentication enable default
method1 [method2...]
Define an enable authentication method list, for
example RADIUS.
line vty line-num
Enter the line that needs to apply the AAA
authentication.
login authentication
{default|list-name}
Apply the method list on the line.
It can only define one enable authentication method list globally, so it is no need to define the
name of the method list. The keyword "method" means the actual algorithm for authentication.