
Configure the Authorization Function in the AAA Domain

After successful authentication, the AAA authorization function controls the rights of administrator users over device resources and the access of access users to network resources. It prevents administrators from executing unauthorized commands and prevents access users from reaching unauthorized network resources.

Configuration Condition

Before configuring command line authorization in the domain, first enable command line authorization; otherwise the command line authorization configured in the domain does not take effect.

Configure the Authorization Method in the ISP Domain

When a user executes an authorization item in a specific ISP domain, AAA authorizes the user, grants the user certain rights, and prevents unauthorized users from executing that authorization item in the domain.

Table 11-4 Configure the authorization method list in the ISP domain

| Step | Command | Description |
|---|---|---|
| Enter the global configuration mode | configure terminal | - |
| Enter the ISP domain view | domain isp-name | Mandatory. By default, the system has one ISP domain named system. |
| Configure the default authorization method in the ISP domain | aaa authorization default { if-authenticated / local / none / radius-group group-name / tacacs-group group-name } | Optional. By default, the authorization method in the ISP domain is none. |
| Configure the commands authorization method in the ISP domain | aaa authorization commands cmd-lvl { if-authenticated / none / radius-group group-name / tacacs-group group-name } | Optional. By default, the commands authorization method is not configured in the ISP domain, and the authorization method in the domain is none. The command authorization function must be enabled so that the configuration can take effect. |
| Configure the authorization method of the user logging into the device in the ISP domain | aaa authorization login { if-authenticated / local / none / radius-group group-name / tacacs-group group-name } | Optional. By default, the login authorization method is not configured in the ISP domain, and the default authorization method in the domain is used. |

Note

  • The aaa authorization commands and aaa authorization config-commands commands can be configured in any order.
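
An added example (not part of the vendor documentation): a small Python audit that applies the defaults and fallback rules from Table 11-4 to a saved configuration and reports every authorization item whose effective method is none. The block layout of the sample configuration, the domain name branch, the group name TAC1 and the level 15 are assumptions made for illustration.

```python
import re

# Constructed sample. Command syntax follows Table 11-4; the block layout,
# domain "branch", group "TAC1" and level 15 are assumptions for illustration.
SAMPLE_CONFIG = """\
domain system
 aaa authorization default tacacs-group TAC1
 aaa authorization commands 15 tacacs-group TAC1
 exit
domain branch
 aaa authorization login local
 exit
"""

AUTHZ = re.compile(r"aaa authorization (default|login|commands (\S+)) (.+)")

def parse_domains(text):
    """Collect the authorization lines configured under each ISP domain."""
    domains = {"system": {"commands": {}}}  # "system" exists by default
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("domain "):
            current = domains.setdefault(line.split()[1], {"commands": {}})
        elif line in ("exit", "!"):
            current = None
        elif current is not None and (m := AUTHZ.fullmatch(line)):
            kind, level, method = m.groups()
            if level:
                current["commands"][level] = method
            else:
                current[kind] = method
    return domains

def findings(text):
    """Return (domain, item) pairs whose effective authorization is none."""
    out = []
    for name, dom in sorted(parse_domains(text).items()):
        default = dom.get("default", "none")  # domain default is none
        login = dom.get("login", default)     # login falls back to the default
        commands = dom["commands"] or {"*": "none"}  # unconfigured means none
        # Not checked: whether the command authorization function is enabled.
        out += [(name, k) for k, v in (("default", default), ("login", login)) if v == "none"]
        out += [(name, f"commands {lvl}") for lvl, v in commands.items() if v == "none"]
    return out

if __name__ == "__main__":
    for domain, item in findings(SAMPLE_CONFIG):
        print(f"{domain}: {item} authorization is none")
```

In the sample, the branch domain sets only login authorization, so its default and commands authorization are reported as none.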