From: Scott Morris (swm@emanon.com)
Date: Tue Apr 05 2005 - 11:21:59 GMT-3
Be careful with over-assuming things!
You can have multiple groups in authentcation as well. So you may have:
Aaa authentication login default tacacs local
Aaa authentication login MyCon none
Line con 0
login MyCon (or on some IOS "login authentication MyCon")
By DEFAULT the group using tacacs and local authentication will be used.
Specifically on the console prompt nothing will be. Any other place gets a
"username" prompt.
Consider:
Aaa authentication login MyVTY line
Line vty 0 4
login MyVTY
password cisco
To only use the regular line password there.... Since we're using dot1x and
configuring some aaa stuff, the big note here is that you have to be at
least vaguely familiar with aaa operations and the way your router is going
to think.
While it's amusing if you have to do password recovery to your lab equipment
at home, it's not going to happen when the proctor's are grading your exam!
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of mani
poopal
Sent: Monday, April 04, 2005 5:43 PM
To: ccielab@groupstudy.com
Subject: 3550 port based authentication
Hi group,
For port based authentication do we have to configure "aaa autehtication
login default none" command. Does the above command is required for the
exam and if not under what circumstenses we will use this command.
================
aaa new-model
aaa authentication login default none<--IS THIS COMMAND IS REQUIRED/MUST OR
depend on the wording of the question.
aaa authentication dot1x default group radius radius-server host 150.1.1.100
auth-port 1812 acct-port 1813 key ABC
interface FastEthernet0/13
switchport access vlan 90
dot1x port-control auto
================
Mani
B.ENG,A+,CCNA,CCNP,CCNP-VOICE, CSS1,CNA,MCSE
(416)431 9929
MANI_CCIE@YAHOO.COM
---------------------------------
Do you Yahoo!?
Better first dates. More second dates. Yahoo! Personals
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:53 GMT-3