Aaa per-interface commands, Aaa per-interface commands -111, Aaa per‐interface commands – Enterasys Networks X-Pedition XSR CLI User Manual
Page 655: Aaa per-interface commands aaa-method, Aaa privilege
AAA Per-Interface Commands
XSR CLI Reference Guide 16-111
AAA Per-Interface Commands
aaa-method
This command is executed at the Interface Mode.
This command specifies the name of the AAA method you will use for authentication requests
originating from this interface. With this command, you can process authentication requests
originating from different interfaces by different methods.
The command is governed by the following rules:
•
If an interface has no method specified or the specified method does not exist, standard AAA
method selection applies.
•
The
@<method>
username
syntax overrides the interfaceʹs method.
•
IKE is not affected because it always employs the PKI method.
•
The interface‐specific method will override the service typeʹs default method (assigned via the
client
sub‐command in AAA method configuration mode) and the AAA serviceʹs default
method.
Syntax
aaa method method-name
Syntax of the “no” Form
The no form of this command de‐selects this method:
no aaa method
Mode
Interface configuration:
XSR(config-if<xx>)#
Example
This example sets the PPP method for AAA service on FastEthernet interface 2:
XSR(config-if<F2>)#aaa method PPP
aaa privilege
This command associates the specified interface with a maximum privilege level available for AAA
logins. Be aware that you can assign a userʹs privilege level based on AAA user/group
information, unless it exceeds the level assigned to an interface via this command. Compare this
command with the AAA Use and Group mode
privilege
command on
.
Syntax
aaa privilege level
method-name
Designation of the AAA method (plug‐in).
level
Maximum privilege setting, ranging from 0 (lowest) to 15.