D-Link DES-3200 Switch User Manual


 
xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide
251
config authen_login
methods for user login.
Syntax
config authen_login [default | method_list_name <string 15>] method
{tacacs | xtacacs | tacacs+ | radius | server_group <string 15> | local |
none} (1)
Description
This command is used to configure a user-defined or default method list
of authentication methods for users logging on to the Switch. The
sequence of methods implemented in this command will affect the
authentication result. For example, if a user enters a sequence of
methods like tacacs – xtacacs local, the Switch will send an
authentication request to the first tacacs host in the server group. If no
response comes from the server host, the Switch will send an
authentication request to the second tacacs host in the server group and
so on, until the list is exhausted. At that point, the Switch will restart the
same sequence with the following protocol listed, xtacacs. If no
authentication takes place using the xtacacs list, the local account
database set in the Switch is used to authenticate the user. When the
local method is used, the privilege level will be dependant on the local
account privilege configured on the Switch.
Successful login using any of these methods will give the user a “user”
privilege only. If the user wishes to upgrade his or her status to the
administrator level, the user must implement the enable admin
command, followed by a previously configured password. (See the
enable admin part of this section for more detailed information,
concerning the enable admin command.)
Parameters
default – The default method list for access authentication, as defined
by the user. The user may choose one or a combination of up to four(4)
of the following authentication methods:
tacacs – Adding this parameter will require the user to be authenticated
using the TACACS protocol from the remote TACACS server hosts of
the TACACS server group list.
xtacacs – Adding this parameter will require the user to be authenticated
using the XTACACS protocol from the remote XTACACS server hosts
of the XTACACS server group list.
tacacs+ – Adding this parameter will require the user to be
authenticated using the TACACS+ protocol from the remote TACACS+
server hosts of the TACACS+ server group list.
radius Adding this parameter will require the user to be authenticated
using the RADIUS protocol from the remote RADIUS server hosts of the
RADIUS server group list.
server_group <string 15> Adding this parameter will require the user
to be authenticated using a user-defined server group previously
configured on the Switch.
local Adding this parameter will require the user to be authenticated
using the local user account database on the Switch.
none – Adding this parameter will require no authentication to access
the Switch.
method_list_name – Enter a previously implemented method list name
defined by the user. The user may add one, or a combination of up to
four of the following authentication methods to this method list:
tacacs – Adding this parameter will require the user to be authenticated
using the TACACS protocol from a remote TACACS server.
xtacacs – Adding this parameter will require the user to be authenticated
using the XTACACS protocol from a remote XTACACS server.
tacacs+ – Adding this parameter will require the user to be
authenticated using the TACACS+ protocol from a remote TACACS+
server.