aaa authentication login


aaa authentication login { default | authListName } authenticator [ authenticator ]*

no aaa authentication login authListName

Release Information

Command introduced before JunosE Release 7.1.0.


Creates an authentication list and the criteria for login. This authentication is applied to vty users. After you have specified aaa new-model as the authentication method for vty lines, an authentication list called default is automatically assigned to the vty lines. To allow users to access the vty lines, you must create an authentication list and either:

The system traverses the list of authentication methods to determine whether a user is allowed to start a Telnet session. If a specific method is available but the user information is not valid (such as an incorrect password), the system does not continue to traverse the list and denies the user a session. If a specific method is unavailable, the system continues to traverse the list. For example, if tacacs+ is the first authentication type element on the list and the TACACS+ server is unreachable, the system attempts to authenticate with the next authentication type on the list, such as radius. The system assumes an implicit denial of service if it reaches the end of the authentication list without finding an available method. The no version disables AAA authentication.



Global Configuration

Related Documentation