2 configuration commands, 1 authentication login – Fortinet 548B User Manual

Page 250

Advertising
background image

- 250 -

Display Message

MAC address MAC address of discarded packet on locked ports.

7.8.2

Configuration Commands

7.8.2.1 authentication login

This command creates an authentication login list. The <listname> is up to 15 alphanumeric characters
and is not case sensitive. Up to 10 authentication login lists can be configured on the switch. When a list
is created, the authentication metho

d “local” is set as the first method.

When the optional parameters “method1”, “method 2”, and/or “method 3” are used, an ordered list of
methods are set in the authentication login list. If the authentication login list does not exist, a new
authentication login list is first created and then the authentication methods are set in the authentication
login list. The maximum number of authentication login methods is three. The possible method values
are local, radius, reject, and tacacs.

The value of local i

ndicates that the user’s locally stored ID and password are used for authentication.

The value of radius

indicates that the user’s ID and password will be authenticated using the RADIUS

server. The value of reject indicates that the user is never authenticated. The value of tacacs indicates
that the user’s ID and password will be authenticated using the TACACS.

To authenticate a user, the authentication methods in the user’s login will be attempted in order until an
authentication attempt succeeds or fails.

i

The default login list included with the default configuration cannot be changed.

Syntax

authentication login <listname> [<method1>] [<method2>] [<method3>]
no authentication login <listname>

<listname> - creates an authentication login list (Range: up to 15 characters).

<method1 - 3> - The possible method values are local, radius, reject, and tacacs.

no - This command deletes the specified authentication login list. The attempt to delete will fail if any
of the following conditions are true:

1. The login list name is invalid or does not match an existing authentication login list

2. The specified authentication login list is assigned to any user or to the nonconfigured user for

any component.

3. The login list is the default login list included with the default configuration and was not

created using ‘config authentication login create’. The default login list cannot be deleted.

Advertising
Popular Brands
Popular manuals