What is in method list ?

fsusanto · ‎11-14-2001

Dear all,

if i use the command

aaa authentication ppp default tacacs+

what would the default method list contains ?, would it be username ?

is the default method list correspond to the default user group on the ACS ?

how do you create and associate a method list to users?

thank you in advance,

msitzman · ‎11-15-2001

The method list is the defined ways that you will try to authenticate/authorize/account for your users. In the example you list above, your method list contains tacacs+. Since you used the keyword default, this method list will be applied to any ppp connections terminating on this router. If you would have used a name, say dial-up, you would have to manually apply the method list to each interface for the ppp connections.

Sometimes the tacacs+ server is not available and you do not want to just disconnect the user without trying some other way to authenticate the user. The following example will try tacacs+ first, then RADIUS, then local for authentication.

aaa authentication ppp default tacacs+ radius local

If tacacs+ returns a "error" message, it will move to the next method. It will not go to the next method if it returns "fail".

Hope this helps...

fsusanto · ‎11-18-2001

So there is no connection between a method list and usernames ?

where do i define this method list ?

suppose i use

aaa authentication login default tacacs+

aaa authentication login engineer local

where do i define engineer method list ?