Default configuration, Command mode, User guidelines – PLANET WGSD-1022 User Manual

Keyword

Source or destination

Enable

Uses the enable password for authentication.

Line

Uses the line password for authentication

None

Uses no authentication

Radius

Uses the list of all radius servers for authentication. Uses username “$enabx$.” Where

x is the privilege level

Tacacs

Uses the list of all TACACS+ servers for authentication. Uses username “$enabx$.”

Where x is the privilege level.

Default Configuration

If the default list is not set, only the enable password is checked. This has the same effect as the

command aaa authentication enable default enable.

On the console, the enable password is used if it exists. If no password is set, the process still succeeds.

This has the same effect as using the command aaa authentication enable default enable none.

Command Mode

Global Configuration mode

User Guidelines

The default and optional list names created with the aaa authentication enable command are used with

the enable authentication command.

Create a list by entering the aaa authentication enable list-name method command where list-name is

any character string used to name this list. The method argument identifies the list of methods that the

authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an error, not if it

fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the

final method in the command line.

All aaa authentication enable default requests sent by the router to a RADIUS server include the

username

"$enabx$.", where x is the requested privilege level.

Example

The following example sets authentication when accessing higher privilege levels.

console (config) # aaa authentication enable default enable