AUTHENTICATION COMMANDS

Example

Console(config)#authentication login radius

Console(config)#

Related Commands

username - for setting the local user names and passwords (4-35)

authentication enable

This command defines the authentication method and precedence to use when changing from Exec command mode to Privileged Exec command mode with the enable command (see page 4-27). Use the no form to restore the default.

Syntax

authentication enable {[local] [radius] [tacacs]} no authentication enable

local - Use local password only.

radius - Use RADIUS server password only.

tacacs - Use TACACS server password.

Default Setting

Local

Command Mode

Global Configuration

Command Usage

RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server, while TACACS+ encrypts the entire body of the packet.

RADIUS and TACACS+ logon authentication assigns a specific privilege level for each user name and password pair. The user name, password, and privilege level must be configured on the authentication server.

4-95

Page 343
Image 343
SMC Networks SMC6224M manual Authentication enable, Username for setting the local user names and passwords