Network Router User Manual
Table Of Contents
- Router Platform User Interface Reference
- NAT Policy Page
- Router Interfaces Page
- Advanced Interface Settings Page
- AIM-IPS Interface Settings Page
- Dialer Policy Page
- ADSL Policy Page
- SHDSL Policy Page
- PVC Policy Page
- PPP/MLP Policy Page
- AAA Policy Page
- Accounts and Credential s Policy Page
- Bridging Policy Page
- Clock Policy Page
- CPU Policy Page
- HTTP Policy Page
- Console Policy Page
- VTY Policy Page
- Secure Shell Policy Page
- SNMP Policy Page
- DNS Policy Page
- Hostname Policy Page
- Memory Policy Page
- Secure Device Provisioning Policy Page
- DHCP Policy Page
- NTP Policy Page
- 802.1x Policy Page
- Network Admission Control Policy Page
- Logging Setup Policy Page
- Syslog Servers Policy Page
- Quality of Service Policy Page
- BGP Routing Policy Page
- EIGRP Routing Policy Page
- OSPF Interface Policy Page
- OSPF Process Policy Page
- RIP Routing Policy Page
- Static Routing Policy Page
K-89
User Guide for Cisco Security Manager 3.2
OL-16066-01
Appendix K Router Platform User Interface Reference
AAA Policy Page
• Understanding Method Lists, page 15-69
• AAA Server Group Dialog Box, page F-12
• Predefined AAA Authentication Server Groups, page 9-15
Field Reference
Table K-38 AAA Page—Authentication Tab
Element Description
Enable Device Login
Authentication
When selected, enables the authentication of all users when they log in to the
device, using the methods defined in the method list.
When deselected, authentication is not performed.
Prioritized Method List Defines a sequential list of methods to be queried when authenticating a user.
Enter the names of one or more AAA server group objects (up to four), or
click Select to display an Object Selectors, page F-593. Use the up and down
arrows in the object selector to define the order in which the selected server
groups should be used.
The device tries initially to authenticate users using the first method in the
list. If that method fails to respond, the device tries the next method, and so
on, until a response is received.
Supported methods include Line, Local, Kerberos, RADIUS, TACACS+,
and None.
Note If you select None as a method, it must appear as the last method in
the list.
Maximum Number of
Attempts
The maximum number of unsuccessful authentication attempts before a user
is locked out. This feature is disabled by default. Valid values range from 1
to 65535.
Note From the standpoint of the user, there is no distinction between a
normal authentication failure and an authentication failure due to
being locked out. The system administrator has to explicitly clear the
status of a locked-out user using clear commands.