Chapter35 Authentication, Authorization, and Accounting
AAA Screen Reference
35-14
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Cisco IOS software uses the first listed method to authenticate users. If that
method fails to respond, the Cisco IOS software selects the next authentication
method listed in the method list. This process continues until there is successful
communication with a listed authentication method, or all methods defined in the
method list are exhausted.
It is important to note that the Cisco IOS software attempts authentication with
the next listed authentication method only when there is no response from the
previous method. If authentication fails at any point in this cycle—meaning that
the security server or local username database responds by denying the user
access—the authentication process stops and no other authentication methods are
attempted.
Field Reference
Table35-12 describes the fields in this screen.
Table35-12 Add a Method List for Authentication or Authorization Fields
Element Description
Name
Specify
Choose the name Default in the Name list, or choose User Defined,
and enter a method list name in the Specify field.
Methods A method is a configured server group. Up to four methods can be
specified and placed in the list in the order you want the router to
use them. The router will attempt the first method in the list. If the
authentication request receives a PASS or a FAIL response, the
router does not query further. If the router does not receive a
response by using the first method, it uses the next method in the
list, and continues to the end of the list until it receives a PASS or a
FAIL response.
Add Click Add to add a method to the list. If there are no configured
server groups to add, you can configure a server group in the
window displayed.
Delete Click this button to delete a method from the list.