DES-7200 Configuration Guide Chapter 1 AAA Configuration
1-16
1.3.10 Example of Terminal
Service Application
Configuration
In the environment of the terminal service application, the terminal first connects to the
asynchronous console, then offers the service accessing the network network server. However,
if AAA is enabled, the Login authentication is necessary in all lines. To access the server, the
terminal must pass the Login authentication and it influences the terminal service. You can
separate two lines by configuration that makes the line using the terminal service directly
connecting the server without the Login authentication, and ensures the device security by the
Login authentication of the line connecting the device. That is to say, you can configure a login
authentication list specific for the terminal service but the authentication method as none. Then
apply the configured list to the line with terminal service enabled, while other lines connecting
the local device is unchanged. Thereof the terminal can skip the local login authentication.
The example below illustrates the configuration steps:
DES-7200(config)# aaa new-model
DES-7200(config)# username DES-7200 password starnet
DES-7200(config)# radius-server host 192.168.217.64
DES-7200(config)# radius-server key test
DES-7200(config)# aaa authentication login test group radius local
DES-7200(config)# aaa authentication login terms none
DES-7200(config)# line tty 1 4
DES-7200(config-line)# login authentication terms
DES-7200(config-line)# exit
DES-7200(config)# line tty 5 16
DES-7200(config-line)# login authentication test
DES-7200(config-line)# exit
DES-7200(config)# line vty 0 4
DES-7200(config-line)# login authentication test
DES-7200(config-line)# end
DES-7200(config)# show running-config
!
aaa new-model
!
!
aaa authentication login test group radius local
aaa authentication login terms none
username DES-7200 password 0 starnet
!
radius-server host 192.168.217.64
radius-server key 7 093b100133
!
line con 0
line aux 0
line tty 1 4
login authentication terms
line tty 5 16
login authentication test