User`s guide

ManualsBrandsD-Link ManualsComputer equipment3100 24 - DGS Switch - Stackable

151

152

153

154

155

156

157

158

159

160

DGS-3100 Gigabit Ethernet Switch Manual

146

which is defined by the Administrator. A maximum of eight (8)

enable method lists can be implemented on the Switch.

Parameters <string 12> - Defines the authen_enable method_list_name to be

created as a string of up to 12 alphanumeric characters.

Restrictions Only administrator-level users can issue this command.

Example usage:

To create a user-defined method list, named “Permit” for promoting user privileges to Adminstrator privileges:

DGS3100# create authen_enable method_list_name Permit

Success.

DGS3100#

config authen_enable

Purpose To configure a user-defined method list of authentication methods

for promoting normal user level privileges to Administrator level

privileges on the Switch.

Syntax

config authen_enable [default | method_list_name <string 12>]

method {tacacs+ | radius | local_enable | none}

Description The config authen_enable command configures a user-defined list

of authentication methods for promoting normal user level privileges

to Administrator level privileges using authentication methods on the

Switch. Once a user acquires normal user level privileges on the

Switch, he or she must be authenticated by a method on the Switch

to gain administrator privileges on the Switch, which is defined by

the Administrator. A maximum of eight (8) enable method lists can

be implemented simultaneously on the Switch.

The sequence of methods implemented in this command will affect

the authentication result. For example, if a user enters a sequence

of methods like tacacs+ – radius – local_enable, the Switch will send

an authentication request to the first TACACS+ host in the server

group. If no verification is found, the Switch will send an

authentication request to the second TACACS+ host in the server

group and so on, until the list is exhausted. At that point, the Switch

will restart the same sequence with the following protocol listed,

radius. If no authentication takes place using the radius list, the

local_enable password set in the Switch is used to authenticate the

user.

Successful authentication using any of these methods will give the

user an “Admin” level privilege.

Parameters default – The default method list for adminstration rights

authentication, as defined by the user. The user may choose one or

more of the following authentication methods:

• tacacs+ – Specifies that the user is to be authenticated

using the TACACS+ protocol from the remote TACACS+

server hosts of the TACACS+ server group list.

• radius – Specifies that the user is to be authenticated using

the RADIUS protocol from the remote RADIUS server hosts

of the RADIUS server group list.