beautypg.com

Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 77

background image

Note that the above configuration can be overridden by the command no snmp-server pw-check ,
which disables password checking for SNMP SET requests.

Example 2

To configure an authentication-method list for the Privileged EXEC and CONFIG levels of the CLI, enter
the following command.

device(config)#aaa authentication enable default local

This command configures the device to use the local user accounts to authenticate attempts to access
the Privileged EXEC and CONFIG levels of the CLI.

Example 3

To configure the device to consult a RADIUS server first to authenticate attempts to access the
Privileged EXEC and CONFIG levels of the CLI, then consult the local user accounts if the RADIUS
server is unavailable, enter the following command.

device(config)#aaa authentication enable default radius local

Command Syntax

The following is the command syntax for the preceding examples.

Syntax: [no] aaa authentication { snmp-server | web-server | enable | login default } method 1 [
method 2-7 ]

The snmp-server | web-server | enable | login parameter specifies the type of access this
authentication-method list controls. You can configure one authentication-method list for each type of
access.

NOTE
Web management is not supported in Release 8.0.00a and later releases. If web management is
enabled, you must configure the no web-management command to disable it.

NOTE
TACACS/TACACS+ and RADIUS are supported only with the enable and login parameters.

The method1 parameter specifies the primary authentication method. The remaining optional method
parameters specify additional methods to try if an error occurs with the primary method. A method can
be one of the values listed in the Method Parameter column in the following table.

Authentication method values

TABLE 9

Method parameter Description

line

Authenticate using the password you configured for Telnet access. The Telnet password is
configured using the enable telnet password... command. Refer to

Setting a Telnet

password

on page 32.

enable

Authenticate using the password you configured for the Super User privilege level. This
password is configured using the enable super-user-password... command. Refer to

Setting

passwords for management privilege levels

on page 32.

Security Access

FastIron Ethernet Switch Security Configuration Guide

77

53-1003088-03

See also other documents in the category Brocade Computer Accessories: