Configuring the primary password authentication method for console, Telnet, SSH and WebAgent
The following commands have the server-group
option.
If no server-group
is specified, the default RADIUS
group is used. The server group must already be configured.
The last RADIUS server in a server group cannot be deleted if any authentication or accounting method is using the server group.
Syntax:
aaa authentication <console|telnet|ssh|web> <enable|[login <local]|radius [server-group <group-name>|local|none|authorized]
Configures the primary password authentication method for console, Telnet, SSH, and the WebAgent.
{<local | radius>}
Primary authentication method.
Default: local
<local|radius>
Use either the local switch user/password database or a RADIUS server for authentication.
<server-group <group-name>>
Specifies the server group to use.
[local|none|authorized]
Provides options for secondary authentication.
Default: none
Note that for console access, secondary authentication
must be local
if primary access is not local
.
This prevents being locked out of the switch in the event of a failure
in other access methods.