Dell FCX624-S Laptop User Manual


  Open as PDF
of 1494
 
1200 PowerConnect B-Series FCX Configuration Guide
53-1002266-01
Configuring authentication-method lists
32
This command configures the device to use the local user accounts to authenticate access to the
device through the Web Management Interface. If the device does not have a user account that
matches the user name and password entered by the user, the user is not granted access.
Example 2
To configure an authentication-method list for SNMP, enter a command such as the following.
PowerConnect(config)#aaa authentication snmp-server default local
This command allows certain incoming SNMP SET operations to be authenticated using the locally
configured usernames and passwords. When this command is enabled, community string
validation is not performed for incoming SNMP V1 and V2c packets. This command takes effect as
long as the first varbind for SNMP packets is set to one of the following:
snAgGblPassword=”<username> <password>” (for AAA method local)
snAgGblPassword=”<password>” (for AAA method line, enable)
NOTE
Certain SNMP objects need additional validation. These objects include but are not limited to:
snAgReload, snAgWriteNVRAM, snAgConfigFromNVRAM, snAgImgLoad, snAgCfgLoad and
snAgGblTelnetPassword. For more information, see snAgGblPassword in the IronWare MIB
Reference Guide.
If AAA is set up to check both the username and password, the string contains the username,
followed by a space then the password. If AAA is set up to authenticate with the current Enable or
Line password, the string contains the password only.
Note that the above configuration can be overridden by the command no snmp-server pw-check,
which disables password checking for SNMP SET requests.
Example 3
To configure an authentication-method list for the Privileged EXEC and CONFIG levels of the CLI,
enter the following command.
PowerConnect(config)#aaa authentication enable default local
This command configures the device to use the local user accounts to authenticate attempts to
access the Privileged EXEC and CONFIG levels of the CLI.
Example 4
To configure the device to consult a RADIUS server first to authenticate attempts to access the
Privileged EXEC and CONFIG levels of the CLI, then consult the local user accounts if the RADIUS
server is unavailable, enter the following command.
PowerConnect(config)#aaa authentication enable default radius local
Command Syntax
The following is the command syntax for the preceding examples.
Syntax: [no] aaa authentication snmp-server | web-server | enable | login default <method1>
[<method2>] [<method3>] [<method4>] [<method5>] [<method6>] [<method7>]
The snmp-server | web-server | enable | login parameter specifies the type of access this
authentication-method list controls. You can configure one authentication-method list for each type
of access.