Configuring the primary password authentication method for console, Telnet, SSH and WebAgent
The following commands have the server-group
option.
If no server-group
is specified, the default RADIUS
group is used. The server group must already be configured.
The last RADIUS server in a server group cannot be deleted if any authentication or accounting method is using the server group.
Syntax
aaa authentication [<console | telnet | ssh | web> | <enable | login> | local | radius ] [ server-group | <group-name> | local | none | authorized ]
Configures the primary password authentication method for console, Telnet, SSH, and the WebAgent.
<local | radius >
Primary authentication method.
Default: local
[<local] radius >
Use either the local switch user/password database or a RADIUS server for authentication.
<server-group <group-name>>
Specifies the server group to use.
[ local | none | authorized ]
Provides options for secondary authentication.
Default: none
Note that for console access, secondary authentication must be local if primary access is not local. This prevents being locked out of the switch in the event of a failure in other access methods.