A Commands
This chapter describes the Cisco Nexus 1000V commands that begin with A.
aaa authentication login console
To configure AAA authentication methods for console logins, use the aaa authentication login console command. To revert to the default, use the no form of this command.
aaa authentication login console {group group-list } [none] | local | none }
no aaa authentication login console {group group-list [none] | local | none }
Syntax Description
Specifies a space-separated list of server groups. The list can include the following: |
|
Defaults
Command Modes
Command History
|
|
Usage Guidelines
The group radius, group tacacs+, and group group-list methods refer to a set of previously defined RADIUS or TACACS+ servers. Use the radius-server host or tacacs-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa group command to display the RADIUS server groups on the device.
If you specify more that one server group, the software checks each group in the order that you specify in the list.
If you specify the group method or local method and they fail, then the authentication can fail. If you specify the none method alone or after the group method, then the authentication always succeeds.
Examples
This example shows how to configure the AAA authentication console login methods:
This example shows how to revert to the default AAA authentication console login method:
Related Commands
|
|
---|---|
aaa authentication login default
To configure the default AAA authentication methods, use the aaa authentication login default command. To revert to the default, use the no form of this command.
aaa authentication login default { group group-list } [ none ] | local | none }
no aaa authentication login default { group group-list [ none ] | local | none }
Syntax Description
Specifies a server group list to be used for authentication. |
|
Space-separated list of server groups that can include the following: |
|
(Optional) Specifies to use the username for authentication. |
|
Defaults
Command Modes
Command History
|
|
Usage Guidelines
The group radius, group tacacs+, and group group-list methods refer to a set of previously defined RADIUS or TACACS+ servers. Use the radius-server host or tacacs-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa group command to display the RADIUS server groups on the device.
If you specify more that one server group, the software checks each group in the order that you specify in the list.
If you specify the group method or local method and they fail, then the authentication fails. If you specify the none method alone or after the group method, then the authentication always succeeds.
Examples
This example shows how to configure the AAA authentication console login method:
This example shows how to revert to the default AAA authentication console login method:
Related Commands
|
|
---|---|
aaa authentication login error-enable
To configure an AAA authentication failure message to display on the console, use the aaa authentication login error-enable command. To remove the error message, use the no form of this command.
aaa authentication login error-enable
no aaa authentication login error-enable
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
If none of the remote AAA servers respond when a user logs in, the authentication is processed by the local user database. If you have enabled the display, one of the following message is generated for the user:
Examples
This example shows how to enable the display of AAA authentication failure messages to the console:
This example shows how to disable the display of AAA authentication failure messages to the console:
Related Commands
|
|
---|---|
Displays the status of the AAA authentication failure message display. |
aaa authentication login mschap
To enable Microsoft Challenge Handshake Authentication Protocol (MSCHAP) authentication at login, use the aaa authentication login mschap command. To disable MSCHAP, use the no form of this command.
aaa authentication login mschap
no aaa authentication login mschap
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable MSCHAP authentication:
This example shows how to disable MSCHAP authentication:
Related Commands
|
|
---|---|
aaa group server radius
To create a RADIUS server group, use the aaa group server radius command. To delete a RADIUS server group, use the no form of this command.
aaa group server radius group-name
no aaa group server radius group-name
Syntax Description
RADIUS server group name.The name is alphanumeric and case-sensitive. The maximum length is 64 characters. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to create a RADIUS server group and enter RADIUS Server Configuration mode for configuring the specified server group:
This example shows how to delete a RADIUS server group:
Related Commands
|
|
---|---|
aaa group server tacacs+
To create a TACACS+ server group, use the aaa group server tacacs+ command. To delete a TACACS+ server group, use the no form of this command.
aaa group server tacacs+ group-name
no aaa group server tacacs+ group-name
Syntax Description
TACACS+ server group name. The name is alphanumeric and case-sensitive. The maximum length is 64 characters. |
Defaults
Command Modes
Command History
|
|
Usage Guidelines
You must enable TACACS+ using the tacacs+ enable command before you can configure TACACS+.
Examples
This example shows how to create a TACACS+ server group:
This example shows how to delete a TACACS+ server group:
Related Commands
|
|
---|---|
assign port-profile-role
To assign a port profile role to a specific port profile, use the assign port-profile-role command. To remove the role from the profile, use the no form of this command.
assign port-profile-role port-profile-role-name
no assign port-profile-role port-profile-role-name
Syntax Description
Defaults
Command Modes
port-profile configuration (config-port-profile)
Command History
|
|
Examples
This example shows how to assign a port profile role to a specific port profile:
This example shows how to remove a role from a port profile configuration:
Related Commands
attach module
To access the standby Virtual Supervisor Module (VSM) console from the active VSM, use the attach module command.
Syntax Description
Number that identifies an existing module. The range is 1–66. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to attach to the console of the secondary VSM:
(
config)
# attach module 2
Usage Guidelines
Although the allowable range of module numbers is from 1–66, only one value, 2, is operational.
Related Commands
|
|
---|---|
attach vem
To execute any VEM command without logging into the VEM, use the attach vem command. By using the attach vem command, you can get into the VEM and execute all the VEM commands.
Syntax Description
Number that identifies an existing module. The range is 3–130. |
Defaults
Command Modes
Command History
|
|
Examples
(
config)
# attach vem 4
Related Commands
|
|
---|---|