https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4915913#M1103934 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1505026">@Raminkn20</a> technically there is no difference between the default or a named method list, you can configure them the same. Typically the default method list is used for authentication, authorisation and accounting.</P> <P>An example where a named authentication/authorisation method list may be used is if deploying differentiated 802.1X authentication, where on a switch different ports are authorised by different RADIUS servers. You'd require multiple method lists, each referencing difference RADIUS server group. Reference - <A href="https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515#toc-hId--409339797" target="_blank">https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515#toc-hId--409339797</A></P> <P>&nbsp;</P> Fri, 01 Sep 2023 07:42:34 GMT Rob Ingram 2023-09-01T07:42:34Z https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4915896#M1103933 <P>Hi, i have a question about aaa authorization.&nbsp;<BR />i started to learn about cisco ISE , but i got stuck in the:<BR />"aaa authorization network .... "&nbsp;command.</P><P>we know after "network" we can insert "default" or name of authorization list. what's the diffrence between them?</P> Fri, 01 Sep 2023 07:10:08 GMT https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4915896#M1103933 Raminkn20 2023-09-01T07:10:08Z https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4915913#M1103934 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1505026">@Raminkn20</a> technically there is no difference between the default or a named method list, you can configure them the same. Typically the default method list is used for authentication, authorisation and accounting.</P> <P>An example where a named authentication/authorisation method list may be used is if deploying differentiated 802.1X authentication, where on a switch different ports are authorised by different RADIUS servers. You'd require multiple method lists, each referencing difference RADIUS server group. Reference - <A href="https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515#toc-hId--409339797" target="_blank">https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515#toc-hId--409339797</A></P> <P>&nbsp;</P> Fri, 01 Sep 2023 07:42:34 GMT https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4915913#M1103934 Rob Ingram 2023-09-01T07:42:34Z https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916021#M1103938 <P>Hello&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1505026">@Raminkn20</a>,</P><P>Technically, you can configure both the 'default' and named method lists to contain similar authorization settings. The key advantage of using named authorization method lists is the ability to create customized authorization policies that cater to specific network scenarios, user groups, or RADIUS server configurations. This level of customization is particularly valuable in complex network environments.</P><P>In simpler setups, the 'default' method list often serves well for most cases because it provides a convenient way to apply a common set of authorization policies across the device. However, as <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/97036">@Rob Ingram</a>&nbsp; mentioned, in more sophisticated network deployments where differentiation based on various criteria (like RADIUS server groups) is required, named method lists become essential for managing and applying distinct authorization rules to different scenarios.</P><P>&nbsp;</P> Fri, 01 Sep 2023 09:36:22 GMT https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916021#M1103938 M02@rt37 2023-09-01T09:36:22Z https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916383#M1103956 <P>Great, i find out ... Thanks my friend</P> Fri, 01 Sep 2023 19:28:32 GMT https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916383#M1103956 Raminkn20 2023-09-01T19:28:32Z https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916385#M1103957 <P>thanks for your explanation .... i figured out</P> Fri, 01 Sep 2023 19:29:40 GMT https://community.cisco.com/t5/network-security/aaa-authorization-network/m-p/4916385#M1103957 Raminkn20 2023-09-01T19:29:40Z