RADIUS认证授权+本地逃生关键配置: #aaaauthentication-scheme radius_local authentication-mode radius local //RADIUS服务器认证不响应时转入本地认证domain default_admin authentication-scheme radius_local radius-server defaultlocal-user test password irreversible-cipher xxx local-user test privilege level 15 local-user test service-type ssh //本地需要创建与RADIUS服务器上相同的账号,保证当RADIUS服务器认证不响应转入本地认证后,能够进行认证# HWTACACS认证授权+本地逃生关键配置: #aaa authentication-scheme tacacs_local authentication-mode hwtacacs local //HWTACACS服务器认证不响应时转入本地认证 authorization-scheme tacacs_local authorization-mode hwtacacs local //HWTACACS服务器授权不响应时转入本地认证 authorization-cmd 15 hwtacacs local //只针对15级的管理员进行命令行授权 recording-scheme tacacs //命令行审计 recording-mode hwtacacs default //命令行审计 cmd recording-scheme tacacs //命令行审计 domain default_admin authentication-scheme tacacs_local authorization-scheme tacacs_local hwtacacs-server defaultlocal-user test password irreversible-cipher xxx local-user test privilege level 15 local-user test service-type ssh //本地需要创建与HWTACACS服务器上相同的账号,保证当HWTACACS服务器不响应转入本地认证后,能够进行认证 |