EasyManua.ls Logo

Cisco 10000-2P2-2DC - Page 199

Cisco 10000-2P2-2DC
624 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
5-33
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server
L2TP Network Server
Step 4
Router(config)# aaa authorization network
list-name method1 [method2...]
Sets parameters that restrict user access to a network.
The list-name argument is a character string used to name the list
of authentication methods tried when a user logs in.
The method1[method2...] argument is at least one of the following
keywords:
group radius—Uses the list of all RADIUS servers for
authentication.
group group-name—Uses a subset of RADIUS servers for
authentication as defined by the aaa group server radius
command.
if-authenticated—Succeeds if user has been successfully
authenticated.
local—Uses the local username database for authentication.
none—Uses no authentication.
Step 5
Router(config)# aaa accounting {system
default [vrf vrf-name] | network {default
| none | start-stop | stop-only |
wait-start} group group-name
Enables AAA accounting of requested services for billing or
security purposes when you use RADIUS.
The system default keyword performs accounting for all
system-level events not associated with users, such as reloads.
The vrf vrf-name keyword and argument specify a VRF
configuration.
The network keyword runs accounting for all network-related
service requests.
The default keyword specifies the default accounting list:
none—No accounting.
start-stop—Record stop and start without waiting.
stop-only—Record stop when service terminates.
wait-start—Record stop and start after start-record commit.
The group group-name keyword and argument use a subset of
RADIUS servers for accounting as defined by the server group
group-name.
Step 6
Router(config)# aaa accounting
delay-start vrf vrf-name
Delays generation of the start accounting records until the user
IP
address is established.
The vrf vrf-name keyword and argument enables the specification
on a per VRF basis.
Step 7
Router(config)# aaa accounting send
stop-record authentication failure vrf
vrf-name
Generates accounting stop records for users who fail to
authenticate at login or during session negotiation.
The vrf vrf-name keyword and argument enables the specification
on a per VRF basis.
Command Purpose

Table of Contents

Related product manuals