Cisco Cisco 5760 Wireless LAN Controller Technical References
Runs authorization for reverse access connections, such as reverse Telnet.
reverse-access
Runs authorization for iEdge subscriber services such as virtual private dialup
network (VPDN).
network (VPDN).
subscriber-service
Enables template authorization for the AAA server.
template
Uses the listed authorization methods that follow this keyword as the default
list of methods for authorization.
list of methods for authorization.
default
Character string used to name the list of authorization methods.
list_name
(Optional) An authorization method or multiple authorization methods to be
used for authorization. A method may be any one of the keywords listed in
the table below.
used for authorization. A method may be any one of the keywords listed in
the table below.
method1 [method2...]
Command Default
Authorization is disabled for all actions (equivalent to the method keyword none).
Command Modes
Global configuration
Command History
Modification
Release
This command was introduced.
Cisco IOS XE 3.2SE
Usage Guidelines
Use the aaa authorization command to enable authorization and to create named methods lists, which define
authorization methods that can be used when a user accesses the specified function. Method lists for
authorization define the ways in which authorization will be performed and the sequence in which these
methods will be performed. A method list is a named list that describes the authorization methods (such as
RADIUS or TACACS+) that must be used in sequence. Method lists enable you to designate one or more
security protocols to be used for authorization, which ensures a backup system in case the initial method fails.
Cisco IOS software uses the first method listed to authorize users for specific network services; if that method
fails to respond, the Cisco IOS software selects the next method listed in the method list. This process continues
until there is successful communication with a listed authorization method, or until all the defined methods
are exhausted.
authorization methods that can be used when a user accesses the specified function. Method lists for
authorization define the ways in which authorization will be performed and the sequence in which these
methods will be performed. A method list is a named list that describes the authorization methods (such as
RADIUS or TACACS+) that must be used in sequence. Method lists enable you to designate one or more
security protocols to be used for authorization, which ensures a backup system in case the initial method fails.
Cisco IOS software uses the first method listed to authorize users for specific network services; if that method
fails to respond, the Cisco IOS software selects the next method listed in the method list. This process continues
until there is successful communication with a listed authorization method, or until all the defined methods
are exhausted.
The Cisco IOS software attempts authorization with the next listed method only when there is no response
from the previous method. If authorization fails at any point in this cycle--meaning that the security server
or the local username database responds by denying the user services--the authorization process stops and
no other authorization methods are attempted.
from the previous method. If authorization fails at any point in this cycle--meaning that the security server
or the local username database responds by denying the user services--the authorization process stops and
no other authorization methods are attempted.
Note
If the aaa authorization command for a particular authorization type is issued without a specified named
method list, the default method list is automatically applied to all interfaces or lines (where this authorization
type applies) except those that have a named method list explicitly defined. (A defined method list overrides
method list, the default method list is automatically applied to all interfaces or lines (where this authorization
type applies) except those that have a named method list explicitly defined. (A defined method list overrides
Consolidated Platform Command Reference, Cisco IOS XE Release 3SE (Cisco WLC 5700 Series)
348
OL-29471-01
aaa authorization