Re: aaa authentication

Rupesh Kashyap · ‎05-01-2009

Why authenticatiion Default and NO_AUTH. I am totally confused, please help

aaa new-model

aaa authentication login default line

aaa authentication login NO_AUTH none

line console 0

login authentication NO_AUTH

lamav · ‎05-01-2009

Hi:

There is a method list named NO_AUTH that is used in the event that the defualt authentication method fails.

Read this link, it will help a lot.

http://www.cisco.com/en/US/docs/ios/12_0/security/command/reference/srathen.html#wp1017794

HTH

Victor

Rupesh Kashyap · ‎05-01-2009

sir, for duble redundancy, we have to write the command in Single line. But here, you can see Two seperate line. And one thing more, in Console, only Auth with None is used? What does it mean ?

johnlloyd_13 · ‎05-01-2009

your aaa authentication is set in a hierarchical method:

it will first try method 1:

aaa authentication login default line

> this means that a user authenticates using the password set on your line (console, aux or vty)

if method 1 is not met, it checks method 2:

aaa authentication login NO_AUTH none

> 'none' means no authentication is required or you automatically login into the device. the NO_AUTH is then applied to your console line

you can write an alternative single command using:

aaa authentication login {default | list-name} method1 [method2...]

aaa authentication login default NO_AUTH line none

Rupesh Kashyap · ‎05-01-2009

Thanks sir, you have helped me a lot.