beautypg.com

Chapter 1 commands for basic switch configuration, 1 commands for basic configuration, 1 authentication line – PLANET XGS3-24040 User Manual

Page 42: 2 boot img, Ommands for, Asic, Onfiguration

background image

XGS3 Command Guide

1-42

Chapter 1 Commands for Basic Switch

Configuration

1.1 Commands for Basic Configuration
1.1.1 Authentication line

Command:

authentication line {console | sty | web} login {local | radius | tacos}

No authentication line {console | sty | web} login

Function:

Configure VTY (login with Telnet and SSH), Web and Console, so as to select the priority of the authentication mode

for the login user. The no form command restores the default authentication mode.

Default:

No configuration is enabled for the console login method by default. Local authentication is enabled for the VTY and

Web login method by default.

Command Mode:

Global Mode.

Usage Guide:

The authentication method for Console, VTY and Web login can be configured respectively. And authentication

method can be any one or combination of Local, RADIUS or TACCACS. When login method is configuration in

combination, the preference goes from left to right. If the users have passed the authentication method,

authentication method of lower preferences will be ignored. To be mentioned, if the user receives correspond

protocol’s answer whether refuse or incept, it will not attempt the next authentication method (Exception: if the local

authentication method failed, it will attempt the next authentication method); it will attempt the next authentication

method if it receives nothing. And AAA function RADIUS server should be configured before the RADIUS

configuration method can be used. And TACACS server should be configured before the TACACS configuration

method can be used.

The authentication line console login command is exclusive with the login command. The authentication line

console login command configures the switch to use the Console login method. And the login command makes the

Console login to use the passwords configured by the password command for authentication.

If local authentication is configured while no local users are configured, users will be able to login the switch via the

Console method.

Example:

To configure the Telnet and ssh login method to use RADIUS authentication method.

Switch(config)# authentication line vty login local radius

Relative Command:

aaa enable, radius-server authentication host, tacacs-server authentication host, tacacs-server key

1.1.2 boot img

Command:

boot img <img-file-url>primary | backup

See also other documents in the category PLANET Routers: