Netgear M4200-10MG-PoE+ (GSM4210P) - Multigigabit Managed Switch with 8*2.5G and 2x10G SFP+ Layer 3 소프트웨어 가이드
Management Commands
96
M4200 and M4300 Series ProSAFE Managed Switches
no aaa authorization
This command deletes the authorization method list.
Per-Command Authorization
When authorization is configured for a line mode, the user manager sends information about
an entered command to the AAA server. The AAA server validates the received command,
and responds with either a PASS or FAIL response. If approved, the command is executed.
Otherwise, the command is denied and an error message is shown to the user. The various
utility commands such as tftp, ping, and outbound telnet should also pass command
authorization. Applying the script is treated as a single command apply script, which also
goes through authorization. Startup-config commands applied on device boot-up are not an
object of the authorization process.
an entered command to the AAA server. The AAA server validates the received command,
and responds with either a PASS or FAIL response. If approved, the command is executed.
Otherwise, the command is denied and an error message is shown to the user. The various
utility commands such as tftp, ping, and outbound telnet should also pass command
authorization. Applying the script is treated as a single command apply script, which also
goes through authorization. Startup-config commands applied on device boot-up are not an
object of the authorization process.
The per-command authorization usage scenario is this:
1.
Configure Authorization Method List
aaa authorization commands listname tacacs radius none
2.
Apply AML to an Access Line Mode (console, telnet, SSH)
authorization commands listname
3.
Commands entered by the user will go through command authorization via TACACS+ or
RADIUS server and will be accepted or denied.
RADIUS server and will be accepted or denied.
Format
aaa authorization {exec | commands} {default | list-name} method1
[method2…]
Mode
Global Config
Term
Definition
exec
Provides authorization for user EXEC terminal sessions.
commands
Provides authorization for all user-executed commands.
default
The default list of methods for authorization services.
list-name
Character string used to name the list of authorization methods.
method1 [method2…]
Use either tacacs or radius for authorization purpose.
Format
no aaa authorization {exec | commands} {default | <list-name>}
<method1> [<method2>…]
Mode
Global Config