Users Guide
VTY Line and Access-Class
Configuration
Various methods are available to restrict VTY access in the Dell Networking OS. These depend on which
authentication scheme you use — line, local, or remote.
Table 80. VTY Access
Authentication Method VTY access-class
support?
Username access-class
support?
Remote authorization
support?
Line YES NO NO
Local NO YES NO
TACACS+ YES NO YES
RADIUS YES NO YES
The system provides several ways to configure access classes for VTY lines, including:
• VTY Line Local Authentication and Authorization
• VTY Line Remote Authentication and Authorization
VTY Line Local Authentication and
Authorization
The system retrieves the access class from the local database.
To use this feature:
1 Create a username.
2 Enter a password.
3 Assign an access class.
4 Enter a privilege level.
You can assign line authentication on a per-VTY basis; it is a simple password authentication, using an
access-class as authorization.
Configure local authentication globally and configure access classes on a per-user basis.
The system can assign different access classes to different users by username. Until users attempt to log in,
the system does not know if they will be assigned a VTY line. This means that incoming users always see a
login prompt even if you have excluded them from the VTY line with a deny-all access class. After users
identify themselves, the system retrieves the access class from the local database and applies it. (The system
can then close the connection if a user is denied access.)
Security 1010