Manualshelf

Hub/Switch Reference Guide

ManualsBrandsNortel Networks ManualsSwitch2300 Series
191192193194195196197198199200
AAA Commands 193
Nortel WLAN—Security Switch 2300 Series Command Line Reference
Defaults
By default, authentication is deactivated for all admin users. The default authentication method in
an admin authentication rule is local. WSS Software checks the local WSS database for authentication.
Access
Enabled..
Usage
You can configure different authentication methods for different groups of users. (For details, see
“User Wildcards, MAC Address Wildcards, and VLAN Wildcards” on page 12.)
If you specify multiple authentication methods in the set authentication console command, WSS Software applies them
in the order in which they appear in the command, with these results:
If the first method responds with pass or fail, the evaluation is final.
If the first method does not respond, WSS Software tries the second method, and so on.
•However, if local appears first, followed by a RADIUS server group, WSS Software ignores any failed searches in
the local WSS database and sends an authentication request to the RADIUS server group.
Examples
The following command configures administrator Jose, who connects via Telnet, for
authentication on RADIUS server group sg3:
WSS# set authentication admin Jose sg3
success: change accepted.
See Also
clear authentication admin on page 167
set authentication console on page 183
set authentication dot1x on page 185
set authentication mac on page 189
set authentication web on page 191
show aaa on page 210
set authentication console
Configures authentication and defines where it is performed for specified users with administrative access through a
console connection.
Note. The syntax descriptions for the set authentication commands have been
separated for clarity. However, the options and behavior for the set authentication admin
command are the same as in previous releases.
Note. If a AAA rule specifies local as a secondary AAA method, to be used if the
RADIUS servers are unavailable, and WSS Software authenticates a client with the local
method, WSS Software starts again at the beginning of the method list when attempting to
authorize the client. This can cause unexpected delays during client processing and can
cause the client to time out before completing logon.