Each of these commands has its own syntax and options methods

The figure contains a complete listing of aaa authentication commands for Cisco IOS Release 12.2 and later. The "AAA Authentication Commands" table describes each of these commands

© 2006 Cisco Systems, Inc. Securing the Perimeter 2-93

AAA Authentication Commands

Command

Description

aaa authentication arap

To enable an AAA authentication method for AppleTalk Remote Access Protocol (ARAP) users using RADIUS or TACACS+, use the aaa authentication arap global configuration command. Use the no form of this command to disable this authentication.

aaa authentication banner

This command creates a personalized login banner.

aaa authentication enable default

To enable AAA authentication to determine if a user can access the privileged command level, use the aaa authentication enable default global configuration command. Use the no form of this command to disable this authorization method.

aaa authentication fail-message

This command creates a message to be displayed when a user fails login.

aaa authentication local-override

To configure the Cisco IOS software to check the local user database for authentication before attempting another form of authentication, use the aaa authentication local-override global configuration command. Use the no form of this command to disable the override.

aaa authentication login

To set AAA authentication at login, use the aaa authentication login global configuration command. Use the no form of this command to disable AAA authentication.

aaa authentication nasi

To specify AAA authentication for NetWare Access Server Interface (NASI) clients connecting through the access server, use the aaa authentication nasi global configuration command. Use the no form of this command to disable authentication for NASI clients.

aaa authentication password-prompt

To change the text displayed when users are prompted for a password, use the aaa authentication password-prompt global configuration command. Use the no form of this command to return to the default password prompt text.

aaa authentication ppp

To specify one or more AAA authentication methods for use on serial interfaces running PPP, use the aaa authentication ppp global configuration command. Use the no form of this command to disable authentication.

aaa authentication username-prompt

To change the text displayed when users are prompted to enter a username, use the aaa authentication username-prompt global configuration command. Use the no form of this command to return to the default username prompt text.

It is important that you learn these three commands and how to implement them in an AAA environment:

Was this article helpful?

0 0

Post a comment