Authentication sequence, Authentication enable, Table 62: authentication sequence commands – Microsens MS453490M Management Guide User Manual

Page 586: Authentication enable (586)

Advertising
background image

C

HAPTER

24

| Authentication Commands

Authentication Sequence

– 586 –

A

UTHENTICATION

S

EQUENCE

Three authentication methods can be specified to authenticate users

logging into the system for management access. The commands in this

section can be used to define the authentication method and sequence.

authentication

enable

This command defines the authentication method and precedence to use

when changing from Exec command mode to Privileged Exec command

mode with the

enable

command. Use the no form to restore the default.

S

YNTAX

authentication enable {[local] [radius] [tacacs]}
no authentication enable

local - Use local password only.
radius - Use RADIUS server password only.
tacacs - Use TACACS server password.

D

EFAULT

S

ETTING

Local

C

OMMAND

M

ODE

Global Configuration

C

OMMAND

U

SAGE

RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort

delivery, while TCP offers a connection-oriented transport. Also, note

that RADIUS encrypts only the password in the access-request packet

from the client to the server, while TACACS+ encrypts the entire body

of the packet.

RADIUS and TACACS+ logon authentication assigns a specific privilege

level for each user name and password pair. The user name, password,

and privilege level must be configured on the authentication server.

You can specify three authentication methods in a single command to

indicate the authentication sequence. For example, if you enter

authentication enable radius tacacs local,” the user name and

password on the RADIUS server is verified first. If the RADIUS server is

not available, then authentication is attempted on the TACACS+ server.

If the TACACS+ server is not available, the local user name and

password is checked.

Table 62: Authentication Sequence Commands

Command

Function

Mode

authentication enable

Defines the authentication method and precedence for

command mode change

GC

authentication login

Defines logon authentication method and precedence GC

Advertising
Popular Brands
Popular manuals