Allied Telesis AT-9000/28POE Switch User Manual

Open as PDF

of 1480

Chapter 88: RADIUS and TACACS+ Clients

1374

uses for remote Telnet and SSH sessions. (For background information,

refer to “VTY Lines” on page 41.)

Toggling remote authentication is accomplished with the LOGIN

AUTHENTICATION and NO LOGIN AUTHENTICATION commands,

found in the Console Line and Virtual Terminal Line modes. Here are

several examples of how to use the commands.

Assume you used the appropriate AAA AUTHENTICATION LOGIN

command to activate remote authentication on the switch. At the default

settings, the switch activates remote authentication for all local, Telnet,

and SSH management sessions. Now assume that you want the switch to

use the local manager accounts instead of the remote manager accounts

whenever anyone logs in using the Console port. To do this, you need to

toggle off remote authentication for local management sessions using the

NO LOGIN AUTHENTICATION command in the Console Line mode, as

shown here:

awplus> enable

awplus# configure terminal

awplus(config)# line console 0

awplus(config-line)# no login authentication

Now, even though remote authentication is activated, the switch uses its

local manager accounts to authenticate the user name and password

whenever someone logs on through the Console port.

If you change your mind and want to reactivate remote authentication for

local management sessions, enter the LOGIN AUTHENTICATION

command, again in the Console Line mode, as shown here:

awplus> enable

awplus# configure terminal

awplus(config)# line console 0

awplus(config-line)# login authentication

Toggling remote authentication for Telnet and SSH management sessions

is more complex because there are ten VTY lines and you can toggle

remote authentication on each line individually. For example, you might

configure the lines so that the switch uses its local manager accounts to

authenticate management sessions on lines 0 and 1, and the remote

manager accounts on the other lines.

Toggling remote authentication on the VTY lines is performed with the

same commands as for local management sessions, but in different

modes. They are called VTY Line modes, and there is one mode for each

line. The command for entering the modes is the LINE VTY command,

which has this format:

line vty

line_id

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Allied Telesis AT-9000/28POE Switch User Manual