Security

last person joined: 3 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Local User & Radius Users

Jump to Best Answer

  • 1.  Local User & Radius Users

    Posted Jul 16, 2019 09:57 AM

    Hi all,

     

    Probably it's a simply question but we haven't been able to solve it. 

     

    We want to authenticate to aruba switches 2930F via radius. It works fine. The problem is that at the same time we want also a local user that not  authenticates with radius and hass a manager permissions.

     

    Is that possible?

     

    we have the following configs:

     

    aaa authentication ssh login radius local

     

    Many thanks in advance

     

     



  • 2.  RE: Local User & Radius Users
    Best Answer

    Posted Jul 16, 2019 02:53 PM

    Greetings!

     

    There are two different types of local users on AOS-Switch. 

     

    The first type includes the built-in manager and operator accounts, configured using the password manager and password operator commands. These accounts should both be password-protected to prevent unauthorized access to the switch, and can be used as a fallback option when RADIUS authentication is not available due to a server outage or connectivity issue.

     

    The second type utilizes the Role-Based Access Control (RBAC) feature to define additional local user accounts with varying levels of configuration or monitoring permissions. These accounts can also be used as a local authentication option to configure or monitor the switch when RADIUS is unavailable.