19
Authentication
mode
Meaning Description
local scheme
Performs the local
password
authentication first
and then the
remote AAA
authentication
The switch authenticates a user by using the local password first. If
no local password is set, the privilege level is switched directly for
the users logged in from the Console port, and remote AAA
authentication is performed on the users logged in from VTY user
interfaces.
scheme local
Performs remote
AAA
authentication first
and then the local
password
authentication
AAA authentication is performed first, and if the remote
HWTACACS or RADIUS server does not respond or AAA
configuration on the switch is invalid, the local password
authentication is performed.
To set the authentication mode for user privilege level switch:
Ste
Command
Remarks
Enter system view system-view —
Set the authentication mode for
user privilege level switch
super authentication-mode { local
| scheme } *
Optional
local by default.
Configure the password for user
privilege level switch
super password [ level user-level ]
{ simple | cipher } password
Required if the authentication
mode is set to local.
By default, no privilege level switch
password is configured.
Switching the user privilege level
CAUTION:
• When the authentication mode is set to local, configure the local password before switching to a hi
her
user privilege level.
• When the authentication mode is set to scheme, configure AAA related parameters before switching to
a higher user privilege level.
• The privilege level switch fails after three consecutive unsuccessful password attempts.
• For more information about user interface authentication, see “Logging in to the switch configuration.”
Follow the step to switch the user privilege level:
Ste
Command
Remarks
Switch the user privilege level super [ level ]
Required
When logging in to the switch, a
user has a user privilege level,
which depends on user interface or
authentication user level.
Available in user view.
To Next Page
Loading...
Need help?
General
