Appendix K Router Platform User Interface Reference

 

 

 

AAA Policy Page

 

Table K-39

AAA Page—Authorization Tab (Continued)

 

 

 

 

Prioritized Method List

Defines a sequential list of methods to be queried when authorizing a user.

 

 

 

Enter the names of one or more AAA server group objects (up to four), or

 

 

 

click Select to display an Object Selectors, page F-593. Use the up and down

 

 

 

arrows in the object selector to define the order in which the selected server

 

 

 

groups should be used.

 

 

 

The device tries initially to authorize users using the first method in the list.

 

 

 

If that method fails to respond, the device tries the next method, and so on,

 

 

 

until a response is received.

 

 

 

Supported methods include RADIUS, TACACS+, Local, and None.

 

 

 

Note RADIUS uses the same server for authentication and authorization.

 

 

 

Therefore, if you use define a RADIUS method list for

 

 

 

authentication, you must define the same method list for

 

 

 

authorization.

 

 

 

Note If you select None as a method, it must appear as the last method in

 

 

 

the list.

 

 

 

 

EXEC Authorization settings

 

 

 

 

Enable CLI/EXEC

When selected, this type of authorization determines whether the user is

 

Operations

 

permitted to open an EXEC (CLI) session, using the methods defined in the

 

Authorization

 

method list.

 

 

 

When deselected, EXEC authorization is not performed.

 

 

 

 

Prioritized Method List

Defines a sequential list of methods to be queried when authorizing a user.

 

 

 

Enter the names of one or more AAA server group objects (up to four), or

 

 

 

click Select to display an Object Selectors, page F-593. Use the up and down

 

 

 

arrows in the object selector to define the order in which the selected server

 

 

 

groups should be used.

 

 

 

The device tries initially to authorize users using the first method in the list.

 

 

 

If that method fails to respond, the device tries the next method, and so on,

 

 

 

until a response is received.

 

 

 

 

Command Authorization settings

 

 

 

 

 

Filter

 

Enables you to filter the information displayed in the table. For more

 

 

 

information, see Filtering Tables, page 3-24.

 

 

 

 

 

Privilege Level

 

The privilege level to which the command authorization definition applies.

 

 

 

 

Prioritized Method List

The method list to use when authorizing users with this privilege level.

 

 

 

 

 

 

 

 

 

 

User Guide for Cisco Security Manager 3.2

 

 

 

 

 

 

 

 

OL-16066-01

 

 

 

K-91

 

 

 

 

Page 91
Image 91
Cisco Systems OL-16066-01 appendix Information, see Filtering Tables