Juniper Networks
Log in
|
How to Buy
|
Contact Us
|
United States (Change)
Choose Country
Close

Choose Country

North America

  • United States

Europe

  • Deutschland - Germany
  • España - Spain
  • France
  • Italia - Italy
  • Россия - Russia
  • United Kingdom

Asia Pacific

  • Asean Region (Vietnam, Indonesia, Singapore, Malaysia)
  • Australia
  • 中国 - China
  • India
  • 日本 - Japan
  • 대한민국 - Korea
  • 台灣 - Taiwan
Solutions
Products & Services
Company
Partners
Support
Education
Community
Security Intelligence Center

Technical Documentation

Support
Technical Documentation
Content Explorer New
 
Enterprise MIBs
 
EOL Documentation
 
Feature Explorer Login required New
 
File Format Help
 
Glossary
 
Portable Libraries
 
 
Home > Support > Technical Documentation > JunosE Software > aaa authentication login
Print
Rate and give feedback:  Feedback Received. Thank You!
Rate and give feedback: 
Close
This document helped resolve my issue.  Yes No

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:  
E-mail: 
Submitting...

aaa authentication login

Syntax

aaa authentication login { default | authListName } authenticator [ authenticator ]*

no aaa authentication login authListName

Release Information

Command introduced before JunosE Release 7.1.0.

Description

Creates an authentication list and the criteria for login. This authentication is applied to vty users. After you have specified aaa new-model as the authentication method for vty lines, an authentication list called default is automatically assigned to the vty lines. To allow users to access the vty lines, you must create an authentication list and either:

  • Name the list default.
  • Assign a different name to the authentication list, and assign the new list to the vty line using the login authentication command.

The system traverses the list of authentication methods to determine whether a user is allowed to start a Telnet session. If a specific method is available but the user information is not valid (such as an incorrect password), the system does not continue to traverse the list and denies the user a session. If a specific method is unavailable, the system continues to traverse the list. For example, if tacacs+ is the first authentication type element on the list and the TACACS+ server is unreachable, the system attempts to authenticate with the next authentication type on the list, such as radius. The system assumes an implicit denial of service if it reaches the end of the authentication list without finding an available method. The no version disables AAA authentication.

Options

  • default—Specifies the use of the default login for authentication
  • authListName—Existing authentication list name (created using the login authentication command); a string of 1–32 characters
  • authenticator—Authentication method:
    • line—Use the line password for authentication
    • none—Use no authentication
    • radius—Use RADIUS authentication
    • tacacs+—Use TACACS+ authentication
  • *—Indicates that one or more parameters can be repeated multiple times in a list in the command line

Mode

Global Configuration

Published: 2012-06-28

 
  • About Juniper
  • Investor Relations
  • Press Releases
  • Newsletters
  • Juniper Offices
  • Green Networking
  • Resources
  • How to Buy
  • Partner Locator
  • Image Library
  • Visio Templates
  • Security Center
  • Community
  • Forums
  • Blogs
  • Junos Central
  • Social Media
  • Developers
  • Support
  • Technical Documentation
  • Knowledge Base (KB)
  • Software Downloads
  • Product Licensing
  • Contact Support
Site Map / RSS Feeds / Careers / Accessibility / Feedback / Privacy & Policy / Legal Notices
Copyright© 1999-2012 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out