Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

AAA Method Commands

16-106 Configuring Security

client

ThiscommandconfiguresthedefaultAAAmethod(plug‐in)foreachclientservice.Ifaclient

serviceisnotregisteredbythiscommand,requestsfromthatservicewillfallthroughtothe

overalldefaultmethod.

Forexample,iftheauthenticationmodehasnotbeensetforTelnetusing

aaa client telnet,

thenthedefaultAAAmethodsetforTelnetusersviathe

clientcommandwillbeignored.Telnet

userswillbeauthenticatedbyTelnet’sAAAschemeusingitsownuserdatabase.

Syntax

client {vpn | telnet | firewall | console | ssh | ppp}

Syntax of the No Form

Thenoformofthiscommandremovesthedefaultmethodfortheassociatedclientservice:

no client {vpn | telnet | firewall | console | ssh | ppp}

Mode

AAAMethodconfiguration:XSR(aaa-method-xx)#

Default

VPNaccessisenabled,allotheraccesstypesaredisabled.

Example

ThisexampleconfiguresRADIUSmethodsbrasthedefaultmethodfortheclient‐serviceTelnet:

XSR(config)#aaa method radius sbr

XSR(config-aaa-rad)#client telnet

enable

ThiscommandenablesthecurrentAAAserverforRADIUSonly.

Syntax

enable

Syntax of the “no” Form

ThenoformofthiscommanddisablesthecurrentAAAserverservice:

no enable

Note: You can specify a username as username@method, allowing that user to explicitly specify

which AAA method to use for that login attempt.

Note: PPP uses AAA only when acting as the authenticator (that is, when validating the peer).

PPP's client-side functionality is authenticated by the peer when acting as the authenicatee.

previous next