Displaying The Radius Configuration - Cisco Catalyst 2960 Software Configuration Manual
Hide thumbs
Also See for Catalyst 2960:
- Configuration manual (2288 pages) ,
- Command reference manual (800 pages) ,
- Hardware installation manual (108 pages)
Table of Contents
Advertisement
Chapter 9
Configuring Switch-Based Authentication
Displaying the RADIUS Configuration
To display the RADIUS configuration, use the show running-config privileged EXEC command.
Configuring the Switch for Local Authentication and
Authorization
You can configure AAA to operate without a server by setting the switch to implement AAA in local
mode. The switch then handles authentication and authorization. No accounting is available in this
configuration.
Beginning in privileged EXEC mode, follow these steps to configure the switch for local AAA:
Command
Step 1
configure terminal
Step 2
aaa new-model
Step 3
aaa authentication login default
local
Step 4
aaa authorization exec local
Step 5
aaa authorization network local
Step 6
username name [privilege level]
{password encryption-type
password}
Step 7
end
Step 8
show running-config
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.
To disable AAA, use the no aaa new-model global configuration command. To disable authorization,
use the no aaa authorization {network | exec} method1 global configuration command.
OL-26520-01
Configuring the Switch for Local Authentication and Authorization
Purpose
Enter global configuration mode.
Enable AAA.
Set the login authentication to use the local username database. The default
keyword applies the local user database authentication to all ports.
Configure user AAA authorization, check the local database, and allow the
user to run an EXEC shell.
Configure user AAA authorization for all network-related service requests.
Enter the local database, and establish a username-based authentication
system.
Repeat this command for each user.
For name, specify the user ID as one word. Spaces and quotation marks
•
are not allowed.
(Optional) For level, specify the privilege level the user has after gaining
•
access. The range is 0 to 15. Level 15 gives privileged EXEC mode
access. Level 0 gives user EXEC mode access.
For encryption-type, enter 0 to specify that an unencrypted password
•
follows. Enter 7 to specify that a hidden password follows.
•
For password, specify the password the user must enter to gain access to
the switch. The password must be from 1 to 25 characters, can contain
embedded spaces, and must be the last option specified in the username
command.
Return to privileged EXEC mode.
Verify your entries.
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
9-41
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
