RE: AAA authentication... affecting login ????

From: Shinji Kanehori (kanehori@nttdocomo.co.jp)
Date: Wed Jul 07 2004 - 22:46:11 GMT-3

• Next message: James: "Re: Limitations of 3550emi"
• Previous message: Scott Morris: "RE: Limitations of 3550emi"
• Maybe in reply to: Karim: "AAA authentication... affecting login ????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi

In the lab , usually not permited to change line password.
So , "default line" is needed.

aaa new-model
aaa authentication login default line
aaa authentication dot1x default group radius
!
dot1x system-auth-control
!
interface GigabitEthernet0/6
 switchport mode access
 dot1x port-control auto
!
line con 0
 password cisco
line vty 0 4
 password cisco

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Karim
Sent: Thursday, July 08, 2004 4:38 AM
To: Kenneth Wygand; ccielab@groupstudy.com
Subject: Re: AAA authentication... affecting login ????

I am trying to access via console. Here you are the config. :

aaa new-model
aaa authentication dot1x default group radius
enable password cisco
!
line con 0
 exec-timeout 0 0

Regards,
Karim.

----- Original Message -----
From: "Kenneth Wygand" <KWygand@customonline.com>
To: "Karim" <karim_ccie@hotmail.com>; <ccielab@groupstudy.com>
Sent: Wednesday, July 07, 2004 10:29 PM
Subject: RE: AAA authentication... affecting login ????

?
Karim,

I believe that if you have local authentication configured on the line, that
will supercede the AAA login configuration commands, but I'm not 100% sure
of this.

Can you post your AAA and access line configuration?

Thanks!
Ken

________________________________

From: nobody@groupstudy.com on behalf of Karim
Sent: Wed 7/7/2004 3:22 PM
To: ccielab@groupstudy.com
Subject: AAA authentication... affecting login ????

Hi all,

I am asking about something might seem trivial here but it is confusing me!
If configuring "aaa authentication dot1x default group radius" or "aaa
authentication ppp default group radius", I thought that I have to add "aaa
authentication login none" just to be able to access the switch. But I am
trying to practice it now, adding the aaa authentication dot1x default group
radius ONLY didn't avoid logging to the switch.

Is this normal ?? thanks for anyone clarification......

Regards,
Karim.

• Next message: James: "Re: Limitations of 3550emi"
• Previous message: Scott Morris: "RE: Limitations of 3550emi"
• Maybe in reply to: Karim: "AAA authentication... affecting login ????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:49 GMT-3