EXEC Configuration Example 527
■ An administrator user using the console port
■ An operator user using telnet
Configureng Administrator User Login Authentication from a Console Port
In this example, the user name is abc and the password is hello. The RADIUS server
first authenticates the user, and then local authentication is used when the former
authentication cannot be carried out normally. When logging in the router
connected through the console port, only the user whose user name is abc and
password is hello can log on successfully. Otherwise, access to the router is denied.
1 Enable AAA
[Router]aaa-enable
2 Configure the login authentication of entering EXEC from Console port
[Router]login con
3 Configure the local authentication user name and password of EXEC user type.
[Router] local-user abc service-type exec-adminstrator password
cipher hello
4 Configure the default authentication method list of EXEC users
[Router]aaa authentication-scheme login default radius local
5 Configure RADIUS server and the shared secret
[Router]radius server 172.17.0.30 authentication-port 1645
accouting-port 1646
[Router]radius shared-key 3Com
Configuring Operator User Login Authentication Through Telnet
In this example, the user name is abcd and the password is hello. Local
authentication is conducted directly and only users who pass the local
authentication can log on successfully. Otherwise, access to the router is denied.
1 Enable AAA
[Router]aaa-enable
2 Configure the login authentication of entering EXEC via Telnet port
[Router]login telnet
3 Configure the local authentication user name and password of EXEC user type.
[Router] local-user abcd service-type exec-operator password cipher
hello
4 Configure the authentication method list of EXEC users
[Router]aaa authentication-scheme login default local