Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)
Procedure
PurposeCommand or Action
Enters configuration mode.switch# configure terminal
Step 1
Configures login authentication methods for the console.switch(config)# aaa
authentication login console
Step 2
The group-list argument consists of a space-delimited list of
group names. The group names are the following:
{group group-list [none] | local
| none}
• radius —Uses the global pool of RADIUS servers for
authentication.
•
named-group —Uses a named subset of TACACS+ or
RADIUS servers for authentication.
The local method uses the local database for authentication.
The none method uses the username only.
The default console login method is local , which is used
when no methods are configured or when all of the configured
methods fail to respond.
Exits configuration mode.switch(config)# exit
Step 3
(Optional)
Displays the configuration of the console login authentication
methods.
switch# show aaa authentication
Step 4
(Optional)
Copies the running configuration to the startup configuration.
switch# copy running-config
startup-config
Step 5
The following example shows how to configure authentication methods for the console login:
switch# configure terminal
switch(config)# aaa authentication login console group radius
switch(config)# exit
switch# show aaa authentication
switch# copy running-config startup-config
Configuring Default Login Authentication Methods
The authentication methods include the following:
• Global pool of RADIUS servers
• Named subset of RADIUS or TACACS+ servers
• Local database on the Nexus 5000 Series switch
• Username only
The default method is local.
Before you configure default login authentication methods, configure RADIUS or TACACS+ server groups
as needed. To configure default login authentication methods, perform this task:
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01 233
Configuring AAA
Configuring Default Login Authentication Methods