Filter
Top Products
DGS-3100 Series Gigabit Stackable Managed Switch CLI Manual
18
6
which is defined by the Administrator. A maximum of eight (8)
enable method lists can be implemented on the Switch.
Parameters <string 12> - Defines the authen_enable method_list_name to be
created as a string of up to 12 alphanumeric characters.
Restrictions Only Administrator or operator-level users can issue this command.
Example usage:
To create a user-defined method list, named ‘Permit’ for promoting user privileges to Adminstrator privileges:
DGS3100# create authen_enable method_list_name Permit
Success.
DGS3100#
config authen_enable
Purpose To configure a user-defined method list of authentication methods
for promoting normal user level privileges to Administrator level
privileges on the Switch.
Syntax
config authen_enable [default | method_list_name <string 12>]
method {tacacs+ | radius | local_enable | none}
Description The config authen_enable command configures a user-defined list
of authentication methods for promoting normal user level privileges
to Administrator level privileges using authentication methods on the
Switch. Once a user acquires normal user level privileges on the
Switch, he or she must be authenticated by a method on the Switch
to gain administrator privileges on the Switch, which is defined by
the Administrator. A maximum of eight (8) enable method lists can
be implemented simultaneously on the Switch.
The sequence of methods implemented in this command affects the
authentication result. For example, if a user enters a sequence of
methods like tacacs+ – radius – local_enable, the Switch sends an
authentication request to the first TACACS+ host in the server
group. If no verification is found, the Switch sends an authentication
request to the second TACACS+ host in the server group and so on,
until the list is exhausted. At that point, the Switch restarts the same
sequence with the following protocol listed, radius. If no
authentication takes place using the radius list, the local_enable
password set in the Switch is used to authenticate the user.
Successful authentication using any of these methods gives the user
an ‘Admin’ level privilege.
Parameters default – The default method list for adminstration rights
authentication, as defined by the user. The user may choose one or
more of the following authentication methods:
tacacs+ – Specifies that the user is to be authenticated
using the TACACS+ protocol from the remote TACACS+
server hosts of the TACACS+ server group list.
radius – Specifies that the user is to be authenticated using
the RADIUS protocol from the remote RADIUS server hosts
of the RADIUS server group list.
local_enable - Specifies that the user is to be authenticated