GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: dot1x posted 01/08/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


So giving "aaa authentication login default none" will do both the jobs,
avoiding locking yourself out and reverting login method of con and vty to
the preconfigured method.




On Jan 8, 2008 4:38 AM, Darby Weaver <darbyweaver@xxxxxxxxx> wrote:

> Why not just:
>
> aaa authen login default none
>
> If one changes the credentials, won't the proctors get
> a bit upset.
>
> Unless you ask first...
>
> But they might already have credentials their scripts
> might need to use...
>
> In the case here, is your password the same as theirs
> if if it is now "none"?
>
> Hmmm...
>
> Things that make me go hmmm....
>
>
> Well, my mind is settled on this matter, is yours?
>
>
> --- Christian Zeng <christian@xxxxxxxxx> wrote:
>
> > Hi,
> >
> > * Joseph Saad wrote:
> > > !!!! guest-vlan will be used if the client doesn't
> > support dot1x  (i.e. EAP
> > > packets aren't detected)
> > >     fail-auth VLAN will be used when client  fails
> > authentication.
> >
> > Thanks for the hint, I didn't know this feature
> > exists (did my studies
> > with 12.2(25)SEC).
> >
> > >> aaa authen login CON none
> > >> aaa authen login VTY line
> > >>
> > >> line con0
> > >> login authen CON
> > >>
> > >> line vty 0 15
> > >> login authen VTY
> > >>
> > >> This reduces the risk when accidentally changing
> > the default method
> > >> later and break requirements or lock yourself
> > out.
> > >>
> > >
> > > !!! this obviously require the definition of
> > "username  U password p"
> > > statement ... but I could be stating the obvious.
> >
> > Username entry in the local db is not needed, the
> > VTY method uses the
> > line password (assuming it was there in the initial
> > config).
> >
> >
> > Christian
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html