hit counter script

Configuring The Switch For Local Authentication And Authorization - Cisco WS-C3020 Software Configuration Manual

Catalyst blade switch for hp
Table of Contents

Advertisement

Configuring the Switch for Local Authentication and Authorization

Configuring the Switch for Local Authentication and
Authorization
You can configure AAA to operate without a server by setting the switch to implement AAA in local
mode. The switch then handles authentication and authorization. No accounting is available in this
configuration.
Beginning in privileged EXEC mode, follow these steps to configure the switch for local AAA:
Command
Step 1
configure terminal
Step 2
aaa new-model
Step 3
aaa authentication login default local
Step 4
aaa authorization exec local
Step 5
aaa authorization network local
Step 6
username name [privilege level]
{password encryption-type password}
Step 7
end
Step 8
show running-config
Step 9
copy running-config startup-config
To disable AAA, use the no aaa new-model global configuration command. To disable authorization,
use the no aaa authorization {network | exec} method1 global configuration command.
To secure the switch for HTTP access by using AAA methods, you must configure the switch with the
Note
ip http authentication aaa global configuration command. Configuring AAA authentication does not
secure the switch for HTTP access by using AAA methods.
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
7-36
Purpose
Enter global configuration mode.
Enable AAA.
Set the login authentication to use the local username database. The
default keyword applies the local user database authentication to all
ports.
Configure user AAA authorization, check the local database, and allow
the user to run an EXEC shell.
Configure user AAA authorization for all network-related service
requests.
Enter the local database, and establish a username-based authentication
system.
Repeat this command for each user.
For name, specify the user ID as one word. Spaces and quotation
marks are not allowed.
(Optional) For level, specify the privilege level the user has after
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 0 gives user EXEC mode access.
For encryption-type, enter 0 to specify that an unencrypted password
follows. Enter 7 to specify that a hidden password follows.
For password, specify the password the user must enter to gain access
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username command.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Chapter 7
Configuring Switch-Based Authentication
OL-8915-03

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Catalyst 3020

Table of Contents