Specifications

ManualsBrandsD-Link ManualsComputer equipmentDGS-3048 - Switch

131

132

133

134

135

136

137

138

139

140

DGS-3048 Layer 2 Switch CLI Reference Manual

131

config authen_enable

The sequence of methods implemented in this command will affect

the authentication result. For example, if a user enters a sequence of

methods like tacacs + – local_enable, the Switch will send an

authentication request to the first tacacs host in the server group. If

no verification is found, the Switch will send an authentication

request to the second tacacs host in the server group and so on,

until the list is exhausted. At that point, the Switch will restart the

same sequence with the following protocol listed, tacacs+. If no

authentication takes place using the tacacs+ list, the local_enable

password set in the Switch is used to authenticate the user.

Successful authentication using any of these methods will give the

user a “Admin” privilege.

Parameters default – The default method list for administration rights

authentication, as defined by the user. The user may choose one or

a combination of up to four (4) of the following authentication

methods:

 tacacs+ – Adding this parameter will require the user to be

authenticated using the TACACS+ protocol from the remote

TACACS+ server hosts of the TACACS+ server group list.

 radius - Adding this parameter will require the user to be

authenticated using the RADIUS protocol from a remote

RADIUS server previously implemented on the Switch.

 local_enable – Adding this parameter will require the user

to be authenticated using the local user account database

on the Switch.

 none – Adding this parameter will require no authentication

to access the Switch.

method_list_name – Enter a previously implemented method list

name defined by the user (create authen_enable). The user may

add one, or a combination of up to four (4) of the following

authentication methods to this method list:

 tacacs+ – Adding this parameter will require the user to be

authenticated using the TACACS+ protocol from a remote

TACACS+ server.

 radius – Adding this parameter will require the user to be

authenticated using the RADIUS protocol from a remote

RADIUS server previously implemented on the Switch.

 local_enable – Adding this parameter will require the user

to be authenticated using the local user account database

on the Switch. The local enable password of the device can

be configured using the “config admin local_password”

command.

 none – Adding this parameter will require no authentication

to access the administration level privileges on the Switch.

Restrictions Only administrator-level users can issue this command.

Example usage:

To configure the user defined method list “Trinity” with authentication methods TACACS+and local, in

that order.