Configuring the switch authentication method

Syntax

aaa authentication console|telnet|ssh|web|port-access

Selects the access method for configuration.


<enable>

The server grants privileges at the manager privilege level.

<login [privilege-mode]>

The server grants privileges at the operator privilege level. If the privilege-mode option is entered, TACACS+ is enabled for a single login. The authorized privilege level (operator or manager) is returned to the switch by the TACACS+ server. Default: Single login disabled.

<local|tacacs|radius>

Selects the type of security access:

local

Authenticates with the manager and operator password you configure in the switch.

tacacs

Authenticates with a password and other data configured on a TACACS+ server.

radius

Authenticates with a password and other data configured on a RADIUS server.

[<local|none>]

If the primary authentication method fails, determines whether to use the local password as a secondary method or to disallow access.

Syntax

aaa authentication num-attempts <1-10>
    

Specifies the maximum number of login attempts allowed in the current session.

Default: 3