Configuring AAA Services on Cisco IOS XR Software
How to Configure AAA Services
SC-30
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
radius-server deadtime minutes
Example:
RP/0/RP0/CPU0:router(config)# radius-server
deadtime 5
Improves RADIUS response times when some servers
might be unavailable and causes the unavailable servers to
be skipped immediately.
Step 3
radius-server dead-criteria time seconds
Example:
RP/0/RP0/CPU0:router(config)# radius-server
dead-criteria time 5
Establishes the time for the dead-criteria conditions for a
RADIUS server to be marked as dead.
Step 4
radius-server dead-criteria tries tries
Example:
RP/0/RP0/CPU0:router(config)# radius-server
dead-criteria tries 4
Establishes the number of tries for the dead-criteria
conditions for a RADIUS server to be marked as dead.
Step 5
end
or
commit
Example:
RP/0/RP0/CPU0:router(config)# end
or
RP/0/RP0/CPU0:router(config)# commit
Saves configuration changes.
• When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
–
Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
–
Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Step 6
show radius dead-criteria host ip-addr
[auth-port auth-port] [acct-port acct-port]
Example:
RP/0/RP0/CPU0:router# show radius dead-criteria
host 172.19.192.80
(Optional) Displays dead-server-detection information that
has been requested for a RADIUS server at the specified IP
address.