Filter
Top Products
DES-7200 Configuration Guide Chapter 1 AAA Configuration
1-38
DES-7200(config)#service password-encryption
! Configure the local user database (Configure the username and the password, and
set the user privilege level)
DES-7200(config)#username bank privilege 10 password yinhang
DES-7200(config)#username super privilege 15 password star
DES-7200(config)#username normal privilege 2 password normal
DES-7200(config)#username test privilege 1 password test
! Configure the local enable password for the local enable authentication
DES-7200(config)#enable secret w
! Configure the line login password (with the AAA function enabled, the login
password of the terminal line takes no effect. So the line login password configuration
is to prevent the login failure with the AAA function disabled)
DES-7200(config)#line vty 0 15
DES-7200(config-line)#password w
! Configure the line user privilege level (with the Exec authorization disabled, or no
Exec authorization method list is applied in the line and no default Exec authorization
method list, the configure line user privilege level should be used)
DES-7200(config)#line vty 0 15
DES-7200(config-line)#privilege level 10
# Configure the authentication
1. Login authentication
The Login authentication is used to control the user access. There are two methods
to define the authentication method list: 1) Radius; 2) Local.
! Configure login authentication method list and apply it to the corresponding line
DES-7200(config)# aaa authentication login hello group radius local
DES-7200(config)# line vty 0 15
DES-7200(config-line)# login authentication hello
To prevent the user from using the exhaust algorithm to crack the password during
the Login authentication, AAA is used to limit the user Login attempts. When the
authentication attempts reached the configured limit, the user would fail to log in for
the lockout time(by default, the login authentication attempt is 3 times and the lockout
time is 15 hours.)