3 configuring authorization and reauthorization, 1 configuring cli commands authorization, 2 configuring l2tp peer authorization – QTECH SmartEdge 600 Configuration User Manual
Page 21: Configuring authorization and reauthorization, Caution

Configuration and Operations
Caution!
Risk of security breach. If you disable subscriber authentication, individual
subscriber names and passwords will not be authenticated by the router, and
therefore, IP routes and ARP entries within individual subscriber records are
not installed. To reduce the risk, verify your network security setup before
disabling subscriber authentication.
2.3
Configuring Authorization and Reauthorization
To configure authorization and reauthorization, perform the tasks described in
the following sections.
2.3.1
Configuring CLI Commands Authorization
To specify that commands with a matching privilege level (or higher) require
authorization through TACACS+, perform the task described in Table 21.
Table 21
CLI Commands Authorization
Task
Root Command
Notes
Configure CLI commands
authorization.
aaa authorization comm
ands
Enter this command in the context
configuration mode.
A TACACS+ server must be
configured in the specified context;
for more information, see Configuring
TACACS+.
2.3.2
Configuring L2TP Peer Authorization
To determine whether L2TP peers are authorized by the router (local)
configuration or by a RADIUS server, perform the task described in Table 22.
Table 22
L2TP Peer Authorization
Task
Root Command
Notes
Configure L2TP peer
authorization.
aaa authorization tunnel
Enter this command in the context
configuration mode.
By default, L2TP peers are
authorized through the router
configuration.
17
61/1543-CRA 119 1170/1 Uen L
|
2012-12-04