Specifications

ManualsBrandsD-Link ManualsSwitchDGS-3024

131

132

133

134

135

136

137

138

139

140

DGS-3024 Layer 2 Switch CLI Reference Manual

config authen_login

Purpose Used to configure a user-defined or default method list of authentication

methods for user login.

Syntax

config authen_login [default | method_list_name <string 15>]

method {tacacs | xtacacs | tacacs+ | radius | server_group <string

15> | local | none}

Description This command will configure a user-defined or default method list of

authentication methods for users logging on to the Switch. The sequence

of methods implemented in this command will affect the authentication

result. For example, if a user enters a sequence of methods like tacacs –

xtacacs – local, the Switch will send an authentication request to the first

tacacs host in the server group. If no response comes from the server

host, the Switch will send an authentication request to the second tacacs

host in the server group and so on, until the list is exhausted. At that

point, the Switch will restart the same sequence with the following

protocol listed, xtacacs. If no authentication takes place using the

xtacacs list, the local account database set in the Switch is used to

authenticate the user. When the local method is used, the privilege level

will be dependant on the local account privilege configured on the

Switch.

Successful login using any of these methods will give the user a “user”

privilege only. If the user wishes to upgrade his or her status to the

administrator level, the user must implement the enable admin

command, followed by a previously configured password. (See the

enable admin part of this section for more detailed information,

concerning the enable admin command.)

default – The default method list for access authentication, as defined by

the user. The user may choose one or a combination of up to four (4) of

the following authentication methods:

Parameters

 xtacacs – Adding this parameter will require the user to be

authenticated using the XTACACS protocol from the remote

XTACACS server hosts of the XTACACS server group list.

 server_group <string 15> - Adding this parameter will require

the user to be authenticated using a user-defined server group

previously configured on the Switch.

method_list_name – Enter a previously implemented method list name

defined by the user. The user may add one, or a combination of up to

four (4) of the following authentication methods to this method list:

 tacacs – Adding this parameter will require the user to be

authenticated using the TACACS protocol from the remote

TACACS server hosts of the TACACS server group list.

 tacacs+ – Adding this parameter will require the user to be

authenticated using the TACACS+ protocol from the remote

TACACS+ server hosts of the TACACS+ server group list.

 radius - Adding this parameter will require the user to be

authenticated using the RADIUS protocol from the RADIUS

server listed in the server group list.

 local - Adding this parameter will require the user to be

authenticated using the local user account database on the

Switch.

 none – Adding this parameter will not require authentication to

access the Switch.

 tacacs – Adding this parameter will require the user to be

131