3 authentication line login, 3 authentication line login -70 – PLANET XGS3-24042 User Manual
Page 70
XGS3 Command Guide
1-70
Command:
authentication ipv6 access-class {<num-std>|<name>}
no authentication ipv6 access-class
Function:
Binding standard IPv6 ACL protocol to login with Telnet/SSH/Web; the no form command will cancel the binding ACL.
Parameters:
<num-std> is the access-class number for standard numeric ACL, ranging between 500-599;
<name> is the access-class name for standard ACL, the character string length is ranging between 1-32.
Default:
The binding ACL to Telnet/SSH/Web function is closed by default.
Command Mode:
Global Mode.
Example:
Binding standard IP ACL protocol to access-class 500.
Switch(config)#authentication ipv6 access-class 500
1.2.3 authentication line login
Command:
authentication line {console | vty | web} login {local | radius | tacacs}
no authentication line {console | vty | web} login
Function:
Configure VTY (login with Telnet and SSH), Web and Console, so as to select the priority of the authentication mode
for the login user. The no form command restores the default authentication mode.
Default:
No configuration is enabled for the console login method by default. Local authentication is enabled for the VTY and
Web login method by default.
Command Mode:
Global Mode.
Usage Guide:
The authentication method for Console, VTY and Web login can be configured respectively. And authentication
method can be any one or combination of Local, RADIUS or TACACS. When login method is configuration in
combination, the preference goes from left to right. If the users have passed the authentication method,
authentication method of lower preferences will be ignored. To be mentioned, if the user receives correspond
protocol’s answer whether refuse or incept, it will not attempt the next authentication method (Exception: if the local
authentication method failed, it will attempt the next authentication method); it will attempt the next authentication
method if it receives nothing. And AAA function RADIUS server should be configured before the RADIUS
configuration method can be used. And TACACS server should be configured before the TACACS configuration