6 authentication – PLANET WGSW-50040 User Manual

addresses are able to login the switch. Up to 32 trusted IPv6 addresses can be configured in the

switch.

Example:

Configure the secure IPv6 address is 2001:da8:123:1::1.

Switch(config)# authentication securityipv6 2001:da8:123:1::1

1.2.6 authentication

Command:

authorization line {console | vty | web} exec {local | radius | tacacs}

no authorization line {console | vty | web} exec

Function:

Configure VTY (login with Telnet and SSH), Web and Console, so as to select the priority of the

authorization mode for the login user. The no form command restores the default authorization

mode.

Default:

There is no authorization mode.

Command Mode:

Global Mode.

Usage Guide:

The authorization method for Console, VTY and Web login can be configured respectively. And

authorization method can be any one or combination of Local, RADIUS or TACACS. When login

method is configuration in combination, the preference goes from left to right. If the users have

passed the authorization method, authorization method of lower preferences will be ignored. To be

mentioned, if the user receives correspond protocol’s answer whether refuse or incept, it will not

attempt the next authorization method; it will attempt the next authorization method if it receives

nothing. And AAA function RADIUS server should be configured before the RADIUS configuration

method can be used. And TACACS server should be configured before the TACACS configuration

method can be used.

The local users adopt username command permission while authorization command is not

configured, the users login the switch via RADIUS/TACACS method and works under common

mode.

Example:

Configure the telnet authentication mode to RADIUS.

Switch(config)# authorization line vty exec radius