beautypg.com

Asus GigaX2024SX User Manual

Page 242

background image

Command Mode

Global Configuration

Command Usage

es TCP. UDP only offers best effort

y, while TCP offers a connection-oriented transport. Also, note that

in the access-request packet from the

e server, while TACACS+ encrypts the entire body of the packet.

CS+ logon authentication assigns a specific privilege level

password pair. The user name, password, and privilege

ed on the authentication server.

thods in a single command to indicate

ion sequence. For example, if you enter “authentication login

e and password on the RADIUS server is

the RADIUS server is not available, then authentication is

server. If the TACACS+ server is not available,

e and password is checked.

• RADIUS uses UDP while TACACS+ us
deliver
RADIUS encrypts only the password
client to th
• RADIUS and TACA
for each user name and
level must be configur
• You can specify three authentication me
the authenticat
radius tacacs local,” the user nam
verified first. If
attempted on the TACACS+
the local user nam

Example

Related Commands
username - for setting the local user names and passwords (4-36)
authentication enable
This command defines the authentication method and precedence to use when
changing from Exec command mode to Privileged Exec command mode with the
enable command (see page 4-19). Use the no form to restore the default.
Syntax

authentication enable {[local] [radius] [tacacs]}
no authentication enable
local - Use local password only.
radius - Use RADIUS server password only.
tacacs - Use TACACS server password.

Default Setting

Local

Command Mode

Global Configuration

Command Usage

• RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort
delivery, while TCP offers a connection-oriented transport. Also, note that
RADIUS encrypts only the password in the access-request packet from the
client to the server, while TACACS+ encrypts the entire body of the packet.
• RADIUS and TACACS+ logon authentication assigns a specific privilege level
for each user name and password pair. The user name, password, and privilege
level must be configured on the authentication server.
• You can specify three authentication methods in a single command to indicate
the authentication sequence. For example, if you enter “authentication enable
radius tacacs local,” the user name and password on the RADIUS server is

4-74

See also other documents in the category Asus Communication: