Connectivity Guide

Table Of Contents
ip telnet server vrf
Congures the Telnet server for the management or non-default VRF instance.
Syntax
ip telnet server vrf {management | vrf vrf-name}
Parameters
managementCongures the management VRF used to reach the Telnet server.
vrf vrf-name — Enter the keyword vrf followed by the name of the VRF to congure the non-default
VRF instance used to reach the Telnet server.
Default The Telnet server is reachable on the default VRF.
Command Mode CONFIGURATION
Usage Information By default, the Telnet server is disabled. To enable the Telnet server, use the telnet enable command.
Example
OS10(config)# ip telnet server vrf management
OS10(config)# ip telnet server vrf vrf-blue
Supported Releases 10.4.0E(R1) or later
Security
Authentication, authorization, and accounting (AAA) services secure networks against unauthorized access. In addition to local
authentication, OS10 supports remote authentication dial-in user service (RADIUS) and terminal access controller access control system
(TACACS+) client/server authentication systems. For RADIUS and TACACS+, an OS10 switch acts as a client and sends authentication
requests to a server that contains all user authentication and network service access information.
A RADIUS or TACACS+ server provides authentication (user credentials verication), authorization (role-based permissions), and
accounting services. You can congure the security protocol used for dierent login methods and users. RADIUS provides very limited
authorization and accounting services compared to TACACS+.
An OS10 switch uses a list of authentication methods to dene the types of authentication and the sequence in which they apply. By
default, only the local authentication method is congured.
The authentication methods in the method list execute in the order in which you congure them. You can re-enter the methods to change
the order. The local authentication method remains enabled even if you remove all congured methods in the list using the no aaa
authentication login {console | default}
command.
Congure the AAA authentication method in CONFIGURATION mode.
aaa authentication login {console | default} {local | group radius | group tacacs+}
consoleCongure authentication methods for console logins.
defaultCongure authentication methods for non-console such as SSH and Telnet logins.
local — Use the local username, password, and role entries congured with the username password role command.
group radius — Use the RADIUS servers congured with the radius-server host command.
group tacacs+ — Use the TACACS+ servers congured with the tacacs-server host command.
Congure user role on server
If a console user logs in with RADIUS or TACACS+ authentication, the role you congured for the user on the RADIUS or TACACS+ server
applies. User authentication fails if no role is congured on the authentication server.
In addition, you must congure the user role on the RADIUS or TACACS+ server using the vendor-specic attribute (VSA) or the
authentication fails. Dell's vendor ID is 674. You create a VSA with Name = Dell-group-name, OID = 2, Type = string. Valid
System management
613