EXEC Configuration Example 527
■An administrator user using the console port
■An operator user using telnet
Configureng Administrator User Login Authentication from a Console Port
In this example, the user name is abc and the password is hello. The RADIUS server
first authenticates the user, and then local authentication is used when the former
authentication cannot be carried out normally. When logging in the router
connected through the console port, only the user whose user name is abc and
password is hello can log on successfully. Otherwise, access to the router is denied.
1Enable AAA
[Router]aaa-enable
2Configure the login authentication of entering EXEC from Console port
[Router]login con
3Configure the local authentication user name and password of EXEC user type.
[Router] local-user abc service-type exec-adminstrator password
cipher hello
4Configure the default authentication method list of EXEC users
[Router]aaa authentication-scheme login default radius local
5Configure RADIUS server and the shared secret
[Router]radius server 172.17.0.30 authentication-port 1645
accouting-port 1646
[Router]radius shared-key 3Com
Configuring Operator User Login Authentication Through Telnet
In this example, the user name is abcd and the password is hello. Local
authentication is conducted directly and only users who pass the local
authentication can log on successfully. Otherwise, access to the router is denied.
1Enable AAA
[Router]aaa-enable
2Configure the login authentication of entering EXEC via Telnet port
[Router]login telnet
3Configure the local authentication user name and password of EXEC user type.
[Router] local-user abcd service-type exec-operator password cipher
hello
4Configure the authentication method list of EXEC users
[Router]aaa authentication-scheme login default local