EasyManua.ls Logo

Cisco 10000-2P2-2DC - Configuring RADIUS

Cisco 10000-2P2-2DC
624 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
10-9
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 10 Configuring Address Pools
On-Demand Address Pool Manager
For an example of how to configure AAA, see Example 10-3 in the “Configuring RADIUS” section on
page 10-9.
Configuring RADIUS
To configure RADIUS on the Cisco 10000 router, enter the following commands in global configuration
mode:
Example 10-3 configures an address pool named Green and a RADIUS server from which the Green
address pool obtains its subnets. The RADIUS server is located at the IP address 172.16.1.1.
Example 10-3 Configuring AAA and RADIUS
!
aaa new-model
!
aaa authorization configuration default group radius
aaa accounting network default start-stop group radius
aaa session-id common
!
ip subnet-zero
!
ip dhcp ping packets 0
!
ip dhcp pool Green
vrf Green
utilization mark high 50
utilization mark low 30
origin aaa subnet size initial /28 autogrow /28
!
ip vrf Green
rd 300:1
route-target export 300:1
route-target import 300:1
!
interface Ethernet1/1
ip address 172.16.1.12 255.255.255.0
duplex half
Command Purpose
Step 1
Router(config)# ip radius
source-interface subinterface-name
Forces the Cisco 10000 router to use the IP address of the
specified interface for all outgoing RADIUS packets.
Step 2
Router(config)# radius-server host
ip-address auth-port port-number
acct-port port-number
Specifies a RADIUS server host.
Step 3
Router(config)# radius server attribute
32 include-in-access-req
Sends RADIUS attribute 32 (NAS-Identifier) in an access request
or accounting request.
Step 4
Router(config)# radius server attribute
44 include-in-access-req
Sends RADIUS attribute 44 (Accounting Session ID) in an access
request or accounting request.
Step 5
Router(config)# radius-server vsa send
accounting
Configures the Cisco 10000 router, acting as the network access
server (NAS), to recognize and use vendor-specific accounting
attributes.
Step 6
Router(config)# radius-server vsa send
authentication
Configures the Cisco 10000 router (NAS) to recognize and use
vendor-specific authentication attributes.

Table of Contents

Related product manuals