EasyManuals Logo
Home>Cisco>Switch>WS-C6506

Cisco WS-C6506 User Manual

Cisco WS-C6506
1488 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #979 background imageLoading...
Page #979 background image
39-45
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 39 Configuring the Switch Access Using AAA
Understanding How Authorization Works
Authorization Events
You can enable authorization for the following:
Commands—When you enable authorization for commands, the user must supply a valid username
and password pair to execute certain commands. You can require authorization for all commands or
for configuration (enable mode) commands only. When a user issues a command, the authorization
server receives the command and user information and compares it against an access list. If the user
is authorized to issue that command, the command is executed; otherwise, the command is not
executed.
EXEC mode (normal login)—When authorization is enabled for EXEC mode, the user must supply
a valid username and password pair to gain access to EXEC mode. Authorization is required only if
you have enabled the authorization feature.
Enable mode (privileged login)—When authorization is enabled for enable mode, the user must
supply a valid username and password pair to gain access to enable mode. Authorization is required
only if you have enabled authorization for enable mode.
TACACS+ Primary Options and Fallback Options
You can specify the primary options and the fallback options that are used in the authorization process.
The available options and fallback options include the following:
tacacs+—If you have been authenticated, and there is no response from the TACACS+ server, then
authorization will succeed immediately.
deny—Deny is strictly a fallback option. Authorization will fail if the TACACS+ server fails to
respond. This is the default behavior.
if-authenticated—If you have been authenticated, and there is no response from the TACACS+
server, then authorization will succeed immediately.
none—Authorization will succeed if the TACACS+ server does not respond.
TACACS+ Command Authorization
You can require authorization for all commands or for configuration (enable mode) commands only. The
configuration commands include the following:
copy
clear
commit
configure
delete
download
format
reload
rollback
session
set

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C6506 and is the answer not in the manual?

Cisco WS-C6506 Specifications

General IconGeneral
BrandCisco
ModelWS-C6506
CategorySwitch
LanguageEnglish

Related product manuals