240 AAA Commands
support the concept of timeout, subsequent entries in the list are never
attempted. For example, the local authentication method implementation
does not supply a time-out value. If a list contains the local method, followed
by the radius authentication method, the radius method is not attempted.
Once an APL is created, a reference to that APL can be stored in the access
line configuration to determine how specific components should
authenticate users. The APL and associated component ID are stored
together. A single APL can be referenced by multiple users and components.
The administrator can enable/disable/reorder authentication methods on a
per method basis (see above).
Commands in this Chapter
This chapter explains the following commands:
aaa authentication dot1x default
Use the aaa authentication dot1x default command in Global Configuration
mode to specify an authentication method for 802.1x clients. Use the no form
of the command to return the authentication method to its default settings.
aaa authentication dot1x
default
enable authentication password (User EXEC)
aaa authentication enable enable password show aaa ias-users
aaa authentication login ip http authentication show authentication
methods
aaa authorization network
default radius
ip https authentication show users accounts
aaa ias-user username login authentication show users login-history
aaa new-model password (aaa IAS User
Configuration)
username
clear (IAS) password (Line
Configuration)
2CSPC4.XCT-SWUM2XX1.book Page 240 Monday, October 3, 2011 11:05 AM