Examples of authentication-method lists – Brocade BigIron RX Series Configuration Guide User Manual

Page 184

Advertising
background image

106

BigIron RX Series Configuration Guide

53-1002484-04

Configuring authentication-method lists

3

If you configure an authentication-method list for Web management access and specify “local”
as the primary authentication method, users who attempt to access the device using the Web
management interface must supply a user name and password configured in one of the local
user accounts on the device. The user cannot access the device by entering “set” or “get” and
the corresponding SNMP community string.

For devices that can be managed using Brocade Network Advisor, the default authentication
method (if no authentication-method list is configured for SNMP) is the CLI Super User level
password. If no Super User level password is configured, then access through Brocade
Network Advisor is not authenticated. To use local user accounts to authenticate access
through Brocade Network Advisor, configure an authentication-method list for SNMP access
and specify “local” as the primary authentication method.

Examples of authentication-method lists

The following example shows how to configure authentication-method lists for the Web
Management Interface, Brocade Network Advisor, and the Privileged EXEC and CONFIG levels of
the CLI. In this example, the primary authentication method for each is “local”. The device will
authenticate access attempts using the locally configured user names and passwords first.

To configure an authentication-method list for the Web Management Interface, enter a command
such as the following.

BigIron RX(config)# aaa authentication web-server default local

This command configures the device to use the local user accounts to authenticate access to the
device through the Web Management Interface. If the device does not have a user account that
matches the user name and password entered by the user, the user is not granted access.

To configure an authentication-method list for Brocade Network Advisor, enter a command such as
the following.

BigIron RX(config)# aaa authentication snmp-server default local

This command configures the device to use the local user accounts to authenticate access
attempts through any network management software, such as Brocade Network Advisor.

To configure an authentication-method list for the Privileged EXEC and CONFIG levels of the CLI,
enter the following command.

BigIron RX(config)# aaa authentication enable default local

This command configures the device to use the local user accounts to authenticate attempts to
access the Privileged EXEC and CONFIG levels of the CLI.

To configure the device to consult a RADIUS server first to authenticate attempts to access the
Privileged EXEC and CONFIG levels of the CLI, then consult the local user accounts if the RADIUS
server is unavailable, enter the following command.

BigIron RX(config)# aaa authentication enable default radius local

Syntax: [no] aaa authentication snmp-server | web-server | enable | login | dot1x default

<method1> [<method2>] [<method3>] [<method4>] [<method5>] [<method6>]
[<method7>]

Advertising
Popular Brands
Popular manuals