Authentication login – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual
Page 195
Brocade 6910 Ethernet Access Switch Configuration Guide
145
53-1002581-01
Authentication Sequence
9
Example
Console(config)#authentication enable radius
Console(config)#
Related Commands
- sets the password for changing command modes (
)
authentication login
This command defines the login authentication method and precedence. Use the no form to
restore the default.
Syntax
authentication login {[local] [radius] [tacacs]}
no authentication login
local - Use local password.
radius - Use RADIUS server password.
tacacs - Use TACACS server password.
Default Setting
Local
Command Mode
Global Configuration
Command Usage
•
RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP
offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in
the access-request packet from the client to the server, while TACACS+ encrypts the entire
body of the packet.
•
RADIUS and TACACS+ logon authentication assigns a specific privilege level for each user
name and password pair. The user name, password, and privilege level must be configured on
the authentication server.
•
You can specify three authentication methods in a single command to indicate the
authentication sequence. For example, if you enter “authentication login radius tacacs local,”
the user name and password on the RADIUS server is verified first. If the RADIUS server is not
available, then authentication is attempted on the TACACS+ server. If the TACACS+ server is not
available, the local user name and password is checked.
Example
Console(config)#authentication login radius
Console(config)#
Related Commands