authentication mode

Description                                                    Enable tiered authentication.

Syntax                                                                  [no] authentication mode {multiple | single}

Parameter

Description

multiple

Enable “tiered” authentication, where the ACOS device will check the next method even if the primary method does respond but authentication fails using that method.

For example, if the primary method is RADIUS and the next method is TACACS+, and RADIUS rejects the admin, tiered authentication attempts to authenticate the admin using TACACS+.

This authentication behavior is summarized below:

1. Try method1. If a method1 server replies, permit or deny access based on the server reply.

2. If no method1 servers reply or a method1 server denies access, try method2.

3. If no method2 servers reply or a method2 server denies access, try method3.

4. If no method3 servers reply or a method3 server denies access, try method4. If authentication suc­ceeds, the admin is permitted. Otherwise, the admin is denied.

single

Enable single authentication mode, where the backup authentication method will only be used if the primary method does not respond. If the primary method does respond but denies access, then the secondary method is simply not used. The admin is not granted access.

This authentication behavior is summarized below:

1. Try method1. If a method1 server replies, permit or deny access based on the server reply.

2. Only if no method1 servers reply, try method2. If a method2 server replies, permit or deny access based on the server reply.

3. Only if no method2 servers reply, try method3. If a method3 server replies, permit or deny access based on the server reply.

4. Only if no method3 servers reply, try method4. If authentication succeeds, the admin is permitted. Otherwise, the admin is denied.

Default                                                                By default, single authentication mode is used.

Mode                                                                   Configuration mode

Table of Contents

Index

Glossary

-Search-

Back