aaa authentication limit-login-attempts

Syntax

aaa authentication limit-login-attemptslockout-time没有aaa authentication limit-login-attempts

备注说明iption

Enables local login attempt limiting. If the number of failed local login attempts equals the configured threshold, the user is locked out for the configured duration.

The没有form of this command disables local login attempt limits.

NOTE:

This local login attempt limiting feature is only available when not using remote authentication through AAA servers (TACACS+ or RADIUS).

Command context

config

Parameters

: Specifies the threshold of failed local login attempts that triggers user lockout. Range: 1 to 10. For example, ifis set to1, a single failed login attempt triggers immediate user lockout.
: Specifies the amount of time a user is locked out. Range: 1 to 3600 seconds.

Authority

Administrators or local user group members with execution rights for this command.

Examples

Enabling local login attempt failure limiting with a 20 second lockout being triggered upon the fourth consecutive login attempt failure.

switch(config)#aaa authentication limit-login-attempts 4 lockout-time 20

禁用登录尝试失败限制:

switch(config)#没有aaa authentication limit-login-attempts