Authentication List Summary
Use the Authentication List Summary page to
view and configure the authentication lists used for management access and port-based (IEEE
802.1X) access to the system. An authentication list specifies which authentication
method(s) to use to validate the credentials of a user who attempts to access the device.
Several authentication lists are preconfigured on the system. These are default lists, and
they cannot be deleted. Additionally, the List Name and Access Type settings for the
default lists cannot be changed.
To access this page,
click in the navigation menu.
Authentication List Summary Fields shows the fields for the Authentication List Summary page.
Authentication List Summary Fields
Field |
Description |
List Name |
The name of the authentication list. This field can be configured only when adding a new authentication list. |
Access Type |
The way the user accesses the system. This field can be configured only when adding a new authentication list, and only the Login and Enable access types can be selected. The access types are as follows:
- Login: User EXEC-level management access to
the command-line interface (CLI) by using a console connection or a
Telnet or SSH (Secure Shell)
session. Access at this level has a limited number of CLI commands
available to view or configure the system.
- Enable: Privileged EXEC-level management
access to the CLI by using a console connection or a telnet or SSH
session. In Privileged EXEC mode, read-write users have access to all CLI
commands.
- HTTP: Management-level access to the web-based
user interface by using HTTP.
- HTTPS: Management-level access to the
web-based user interface by using secure HTTP.
- Dot1x: Port-based access to the network
through a switch port that is controlled by IEEE 802.1X.
|
Method Options |
The method(s) used to authenticate a user who attempts to access the management interface or network. The possible methods are as follows:
- Enable: Uses the locally configured Enable
password to verify the user's credentials.
- Line: Uses the locally configured Line
password to verify the user's credentials.
- Local: Uses the ID and password in the Local
User database to verify the user's credentials.
- RADIUS: Sends the user's ID and password to
the configured RADIUS (Remote Authentication Dial In User Service) server to verify the
user's credentials.
- TACACS+: Sends the user's ID and password to
the configured superloop server to verify the
user's credentials.
- None: No authentication is used.
- IAS: Uses the local Internal Authentication
Server (IAS) database for 802.1X port-based authentication.
|
List Type |
The type of list, which is one of the following:
- Default: The list is preconfigured on the
system. This type of list cannot be deleted, and only the Method Options
are configurable.
- Configured: The list has been added by a
user.
|
Access Line |
The access method(s) that use the list for authentication. The settings for this field are configured on the Authentication Selection page. |