Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Page 89
Multi-Service IronWare Security Configuration Guide
71
53-1003035-02
Configuring authentication-method lists
1
To configure an authentication-method list for Brocade Network Advisor, enter a command such as
the following.
Brocade(config)# aaa authentication snmp-server default local
This command configures the device to use the local user accounts to authenticate access
attempts through any network management software, such as Brocade Network Advisor.
To configure an authentication-method list for the Privileged EXEC and CONFIG levels of the CLI,
enter the following command.
Brocade(config)# aaa authentication enable default local
This command configures the device to use the local user accounts to authenticate attempts to
access the Privileged EXEC and CONFIG levels of the CLI.
Example
To configure the device to consult a RADIUS server first to authenticate attempts to access the
Privileged EXEC and CONFIG levels of the CLI, then consult the local user accounts if the RADIUS
server is unavailable, enter the following command.
Brocade(config)# aaa authentication enable default radius local
Syntax: [no] aaa authentication snmp-server | web-server | enable | login | dot1x default
method1 [method2] [method3] [method4] [method5] [method6] [method7]
The snmp-server | web-server | enable | login | dot1x parameter specifies the type of access this
authentication-method list controls. You can configure one authentication-method list for each type
of access.
NOTE
If you configure authentication for Web management access, authentication is performed each time
a page is requested from the server. When frames are enabled on the Web Management Interface,
the browser sends an HTTP request for each frame. The Brocade device authenticates each HTTP
request from the browser. To limit authentications to one per page, disable frames on the Web
Management Interface.
NOTE
TACACS or TACACS+ and RADIUS are not supported with the snmp-server parameter.
The method1 parameter specifies the primary authentication method. The remaining optional
method parameters specify additional methods to try if an error occurs with the primary method. A
method can be one of the values listed in the Method Parameter column in
TABLE 12
Authentication method values
Method parameter
Description
line
Authenticate using the password you configured for Telnet access. The Telnet
password is configured using the enable telnet password… command. Refer to
.
enable
Authenticate using the password you configured for the Super User privilege
level. This password is configured using the enable super-user-password…
command. Refer to
“Setting passwords for management privilege levels”
local
Authenticate using a local user name and password you configured on the
device. Local user names and passwords are configured using the username…
command. Refer to
“Configuring a local user account”
.