Tuesday, June 5, 2012

Using Multiple Authentication Methods


  • AAA authentication allow multiple servers & multiple authentication methods.
  • So user can be authenticated even if one authentication method is not working.
  • The aaa authentication command supports up to four methods on a single command.
  • No limit to the number of RADIUS or TACACS+ servers that can be referenced.
  • Logic used by IOS when using these methods are:
    • Based on the 1st listed method first, if that methode not respond, move to the next & then next & so on until a method responds. Use the first- responding-server's decision (allow or reject).
    • If no response occurs for any method, reject the request.