Chapter 1
Configuring AAA
S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m
Command
Step 4
switch# show aaa authentication
Step 5
switch# copy running-config startup-config
Enabling Login Authentication Failure Messages
When you log in, the login is processed by the local user database if the remote AAA servers do not
respond. If you have enabled the displaying of login failure messages, the following message is
displayed :
Remote AAA servers unreachable; local authentication done.
Remote AAA servers unreachable; local authentication failed.
To enable login authentication failure messages, perform this task:
Command
Step 1
switch# configure terminal
Step 2
switch(config)# aaa authentication login
error-enable
Step 3
switch(config)# exit
Step 4
switch# show aaa authentication
Step 5
switch# copy running-config startup-config
Enabling MSCHAP Authentication
Microsoft Challenge Handshake Authentication Protocol (MSCHAP) is the Microsoft version of CHAP.
You can use MSCHAP for user logins to a Nexus 5000 Series switch through a remote authentication
server (RADIUS or TACACS+).
By default, the Nexus 5000 Series switch uses Password Authentication Protocol (PAP) authentication
between the Nexus 5000 Series switch and the remote server. If you enable MSCHAP, you need to
configure your RADIUS server to recognize the MSCHAP vendor-specific attributes (VSAs). See the
"Using AAA Server VSAs with Nexus 5000 Series Switches" section on page
the RADIUS VSAs required for MSCHAP.
OL-16597-01
Purpose
(Optional) Displays the configuration of the default
login authentication methods.
(Optional) Copies the running configuration to the
startup configuration.
Purpose
Enters configuration mode.
Enables login authentication failure messages. The
default is disabled.
Exits configuration mode.
(Optional) Displays the login failure message
configuration.
(Optional) Copies the running configuration to the
startup configuration.
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
Configuring AAA
1-11.
Table 1-3
describes
1-9