Example: Configuring System Authentication
The following example allows login only by:
If a user logs in and is not authenticated by the RADIUS server, the user is denied access to the C-series platform. However, if the RADIUS server is not available, the user can be authenticated through an SRC password.
In this example, user configuration includes:
- An individual user account for Philip that provides privileges for the
super-user
class after RADIUS authentication.- A remote user template account for all other users to share the same class and user ID (UID) after RADIUS authentication.
Individual SRC accounts are not configured for other users. When they log in to the system and the RADIUS server authenticates them, they are given access using the same UID 9999 and the same privileges for the
operator
class.[edit]system {authentication-order radius;login {user philip {full-name "Philip";uid 1001;class super-user;}user remote {full-name "All remote users";uid 9999;class operator;}}}