Authentication and Authorization Process

Authentication is the process of verifying the identity of the person managing the switch. This identity verification is based on the user ID and password combination provided by the person trying to manage the switch. The Cisco MDS 9000 Family switches allow you to perform local authentication (using the lookup database) or remote authentication (using one or more RADIUS servers or TACACS+ servers).

The following steps explain the authorization and authentication process. The figure "Switch Authorization and Authentication Flow" shows a flow chart of the process.

Figure: Switch Authorization and Authentication Flow

  1. When you log in to the required switch in the Cisco MDS 9000 Family, you can use the Telnet, SSH, or console login options.
  2. When you configure server groups using the server group authentication method, an authentication request is sent to the first AAA server in the group.
  3. When you are successfully authenticated through a remote AAA server, then the following possibilities apply:
  4. If your user name and password are successfully authenticated, you are allowed to log in.
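
The configuration below is an added example, not part of the original Cisco text. It shows how the login paths in step 1 map to a server group as in step 2. The group name RadServer, the 192.0.2.x addresses (documentation range) and the `<shared-secret>` placeholder are assumptions chosen for illustration.

```cisco
! Added example: RadServer, 192.0.2.x and <shared-secret> are placeholders.

! Define the RADIUS servers the switch may query.
radius-server host 192.0.2.10 key <shared-secret>
radius-server host 192.0.2.11 key <shared-secret>

! Group the servers. Order matters: 192.0.2.10 is listed first, so it is
! the "first AAA server in the group" that receives the authentication request.
aaa group server radius RadServer
  server 192.0.2.10
  server 192.0.2.11

! Telnet and SSH logins authenticate through the server group.
aaa authentication login default group RadServer

! Console logins use the local lookup database, so physical access
! still works when no remote AAA server is reachable.
aaa authentication login console local

! Verify from EXEC mode after applying:
!   show aaa authentication
!   show radius-server groups
```

Telnet sends the user ID and password in cleartext, so SSH is the safer of the two remote login options when credentials are checked against a central AAA server.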