Alcatel-Lucent 6850-48 Guida Di Riferimento
AAA Commands
OmniSwitch CLI Reference Guide
September 2009
page 58-21
aaa authentication
Configures the interface for Authenticated Switch Access and specifies the server(s) to be used. This type
of authentication gives users access to manage the switch.
of authentication gives users access to manage the switch.
aaa authentication {console | telnet | ftp | http | snmp | ssh | default} server1 [server2...] [local]
no aaa authentication [console | telnet | ftp | http | snmp | ssh | default]
Syntax Definitions
console
Configures Authenticated Switch Access through the console port.
telnet
Configures Authenticated Switch Access for any port used for Telnet.
ftp
Configures Authenticated Switch Access for any port used for FTP.
http
Configures Authenticated Switch Access for any port used for Web-
based management.
based management.
snmp
Configures Authenticated Switch Access for any port used for SNMP.
ssh
Configures Authenticated Switch Access for any port used for Secure
Shell.
Shell.
default
Configures Authenticated Switch Access for any port using any service
(telnet, ftp, etc.). Note that SNMP access is enabled only if an LDAP or
local server is specified with the command.
(telnet, ftp, etc.). Note that SNMP access is enabled only if an LDAP or
local server is specified with the command.
server1
The name of the authentication server used for Authenticated Switch
Access. At least one server is required. The server may be a RADIUS,
TACACS+, LDAP, ACE/Server, or the local user database. RADIUS,
TACACS+, and LDAP server names are set up through the
Access. At least one server is required. The server may be a RADIUS,
TACACS+, LDAP, ACE/Server, or the local user database. RADIUS,
TACACS+, and LDAP server names are set up through the
commands. If an ACE/Server will be used, specify ace for the server
name. (Only one ACE/Server may be specified.)
name. (Only one ACE/Server may be specified.)
server2...
The names of backup servers for Authenticated Switch Access. Up to 3
backups may be specified (including local). These backups are only
used if server1 becomes unavailable. They are polled in the order they
are listed in this command. The first available server becomes the
authentication server.
backups may be specified (including local). These backups are only
used if server1 becomes unavailable. They are polled in the order they
are listed in this command. The first available server becomes the
authentication server.
local
Specifies that the local user database will be a backup for the authenti-
cation servers. If you want to use the local user database as the only
authentication server, specify local for server1.
cation servers. If you want to use the local user database as the only
authentication server, specify local for server1.
Defaults
• At switch startup, Authenticated Switch Access is available through console port via the local
database. Authentication for other management interfaces (Telnet, FTP, etc.) is disabled.
• By default, the telnet, ftp, http, and snmp login is disabled
• The default user on the switch is admin, and switch is the password.