User`s manual
61
DWS-1008 User’s Manual
D-Link Systems, Inc.
Conguring AAA for Administrative and Local Access
DWS-1008# set authentication admin * sg1
success: change accepted.
DWS-1008# save cong
success: configuration saved.
Local Override and Backup Local Authentication
This scenario illustrates how to enable local override authentication for console users. Local
override means that MSS attempts authentication rst via the local database. If it nds no
match for the user in the local database, MSS then tries a RADIUS server - in this case,
server r1 in server group sg1. Natasha types the following commands in this order:
DWS-1008# set user natasha password m@Jor
User natasha created
DWS-1008# set radius server r1 address 192.168.253.1 key sunFLOW#$
success: change accepted.
DWS-1008# set server group sg1 members r1
success: change accepted.
DWS-1008# set authentication console * local sg1
success: change accepted.
DWS-1008# save cong
success: configuration saved.
Natasha also enables backup RADIUS authentication for Telnet administrative users. If the
RADIUS server does not respond, the user is authenticated by the local database in the
DWS-1008 switch. Natasha types the following commands:
DWS-1008# set authentication admin * sg1 local
success: change accepted.
DWS-1008# save cong
success: configuration saved.
The order in which Natasha enters authentication methods in the set authentication
command determines the method MSS attempts rst. The local database is the rst method
attempted for console users and the last method attempted for Telnet administrators.