250 AAA Commands
User Guidelines
The 4.x firmware emulates industry standard behavior for enable mode
authentication over SSH and telnet. In 4.x, the default enable authentication
method for telnet and SSH uses the enableNetList method, which requires an
enable password. If users are unable to enter privileged mode when accessing
the switch via telnet or SSH, the administrator will need to either change the
enable authentication method, e.g. to enableList, or set an enable password.
Example
The following example defines password "xxxyyyzzz" to control access to user
and privilege levels.
console(config)# enable password xxxyyyzzz
ip http authentication
Use the ip http authentication command in Global Configuration mode to
specify authentication methods for http server users. To return to the default,
use the no form of this command.
Syntax
ip http authentication
method1
[
method2
...]
no ip http authentication
method1
[
method2
...
]
— Specify at least one from the following table:
Default Configuration
The local user database is checked. This action has the same effect as the
command ip http authentication local.
Keyword Source or destination
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
2CSPC4.XCT-SWUM2XX1.book Page 250 Monday, October 3, 2011 11:05 AM