Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

AAA Per-Interface Commands

XSR CLI Reference Guide 16-111

AAA Per-Interface Commands

aaa-method

ThiscommandisexecutedattheInterfaceMode.

ThiscommandspecifiesthenameoftheAAAmethodyouwilluseforauthenticationrequests

originatingfromthisinterface.Withthiscommand,youcanprocessauthenticationrequests

originatingfromdifferentinterfacesbydifferentmethods.

Thecommandisgovernedbythefollowingrules:

•Ifan

interfacehasnomethodspecifiedorthespecifiedmethoddoesnotexist,standardAAA

methodselectionapplies.

•The

@<method>usernamesyntaxoverridestheinterfaceʹsmethod.

•IKEisnotaffectedbecauseitalwaysemploysthePKImethod.

•Theinterface‐specificmethodwilloverridetheservicetypeʹsdefaultmethod(assignedviathe

clientsub‐commandinAAAmethodconfigurationmode)andtheAAAserviceʹsdefault

method.

Syntax

aaa method method-name

Syntax of the “no” Form

Thenoformofthiscommandde‐selectsthismethod:

no aaa method

Mode

Interfaceconfiguration:XSR(config-if<xx>)#

Example

ThisexamplesetsthePPPmethodforAAAserviceonFastEthernetinterface2:

XSR(config-if<F2>)#aaa method PPP

aaa privilege

ThiscommandassociatesthespecifiedinterfacewithamaximumprivilegelevelavailableforAAA

logins.BeawarethatyoucanassignauserʹsprivilegelevelbasedonAAAuser/group

information,unlessitexceedsthelevelassignedtoaninterfaceviathiscommand.Comparethis

commandwiththeAAAUseand

Groupmodeprivilegecommandonpage101.

Syntax

aaa privilege level

method-name

DesignationoftheAAAmethod(plug‐in).

level

Maximumprivilegesetting,rangingfrom0(lowest)to15.

previous next