Install guide
32 Enhancements to Login Authentication Release Note
Software Version 2.7.4
C613-10444-00 REV A
Enhancements to Login Authentication
This enhancement changes the approach that the router or switch uses for
authenticating users from RADIUS and the User Authentication Database.
Before Software Version 2.7.4, the router or switch searched the local user
database before attempting a RADIUS lookup. Software Version 2.7.4 enables
you to configure the router or switch to interrogate the RADIUS server first.
To do this, create users in the User Authentication Database of the new type
called “RADIUS unreachable” (RU) users, by using the command:
add user=login-name login={yes|no} password=password
radiusbackup=yes [other-options...]
If RU users are defined in the user database, the router or switch performs the
RADIUS lookup before checking the user database. If the lookup is successful,
the user is logged into the router or switch.
If the RADIUS server is unreachable, then the router or switch performs a user
database lookup for RU users only. Normal user database entries are not used
in this case.
If the RADIUS authentication fails, then the router or switch performs a lookup
in the user database, searching for normal (non-RU) users only.
Modified Commands
add user
Syntax ADD USEr=login-name
LOgin={True|False|ON|OFf|Yes|No} PAssword=password
[RADiusbackup={ON|OFF|YES|NO|True|False}]
[other-options...]
set user
Syntax SET USEr=login-name
[RADiusbackup={ON|OFF|YES|NO|True|False}]
[other-options...]