User’s Manual of WGSD-1022/WGSD-8000

ƒmethod1 [method2...]—Specify at least one from the following table:

Keyword

Source or destination

 

 

Enable

Uses the enable password for authentication.

 

 

Line

Uses the line password for authentication

 

 

None

Uses no authentication

 

 

Radius

Uses the list of all radius servers for authentication. Uses username “$enabx$.” Where x

 

is the privilege level

 

 

Tacacs

Uses the list of all TACACS+ servers for authentication. Uses username “$enabx$.”

 

Where x is the privilege level.

 

 

Default Configuration

If the default list is not set, only the enable password is checked. This has the same effect as the command aaa authentication enable default enable.

On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the command aaa authentication enable default enable none.

Command Mode

Global Configuration mode

User Guidelines

The default and optional list names created with the aaa authentication enable command are used with the enable authentication command.

Create a list by entering the aaa authentication enable list-name method command where list-nameis any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.

All aaa authentication enable default requests sent by the router to a RADIUS server include the username "$enabx$.", where x is the requested privilege level.

Example

The following example sets authentication when accessing higher privilege levels.

console (config) # aaa authentication enable default enable

- 162 –