Authentication List Summary

Use the Authentication List Summary page to view and configure the authentication lists used for management access and port-based (IEEE 802.1X) access to the system. An authentication list specifies which authentication method(s) to use to validate the credentials of a user who attempts to access the device. Several authentication lists are preconfigured on the system. These are default lists, and they cannot be deleted. Additionally, the List Name and Access Type settings for the default lists cannot be changed.

To access this page, click System > AAA > Authentication List in the navigation menu.

Authentication List Summary Fields shows the fields for the Authentication List Summary page.

Authentication List Summary Fields

Field	Description
List Name	The name of the authentication list. This field can be configured only when adding a new authentication list.
Access Type	The way the user accesses the system. This field can be configured only when adding a new authentication list, and only the Login and Enable access types can be selected. The access types are as follows: Login: User EXEC-level management access to the command-line interface (CLI) by using a console connection or a Telnet or SSH (Secure Shell) session. Access at this level has a limited number of CLI commands available to view or configure the system. Enable: Privileged EXEC-level management access to the CLI by using a console connection or a telnet or SSH session. In Privileged EXEC mode, read-write users have access to all CLI commands. HTTP: Management-level access to the web-based user interface by using HTTP. HTTPS: Management-level access to the web-based user interface by using secure HTTP. Dot1x: Port-based access to the network through a switch port that is controlled by IEEE 802.1X.
Method Options	The method(s) used to authenticate a user who attempts to access the management interface or network. The possible methods are as follows: Enable: Uses the locally configured Enable password to verify the user's credentials. Line: Uses the locally configured Line password to verify the user's credentials. Local: Uses the ID and password in the Local User database to verify the user's credentials. RADIUS: Sends the user's ID and password to the configured RADIUS (Remote Authentication Dial In User Service) server to verify the user's credentials. TACACS+: Sends the user's ID and password to the configured superloop server to verify the user's credentials. None: No authentication is used. IAS: Uses the local Internal Authentication Server (IAS) database for 802.1X port-based authentication.
List Type	The type of list, which is one of the following: Default: The list is preconfigured on the system. This type of list cannot be deleted, and only the Method Options are configurable. Configured: The list has been added by a user.
Access Line	The access method(s) that use the list for authentication. The settings for this field are configured on the Authentication Selection page.

Click Refresh to update the information on the screen.
To create a new authentication list, see Authentication Server Users. To assign users to a specific authentication list, see User Accounts. To configure the 802.1x port security users, see RADIUS Settings.

Published October 2018prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback