Configuring AAA Services on Cisco IOS XR Software
How to Configure AAA Services
SC-36
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
Configuring RADIUS Server Groups
This task configures RADIUS server groups.
The user can enter one or more server commands. The server command specifies the hostname or IP
address of an external RADIUS server along with port numbers. When configured, this server group can
be referenced from the AAA method lists (used while configuring authentication, authorization, or
accounting). (See the
“Method Lists” section.)
Prerequisites
For configuration to succeed, the external server should be accessible at the time of configuration.
SUMMARY STEPS
1. configure
2. aaa group server radius group-name
3. server {host-name | ip-address} [auth-port port-number] [acct-port port-number]
4. Repeat Step 3. for every external server to be added to the server group named in Step 2.
5. server-private {hostname | ip-address} [auth-port port-number] [acct-port port-number]
[timeout seconds] [retransmit retries] [key string]
6. deadtime minutes
7. end
or
commit
8. show radius server-groups [group-name [detail]]
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
aaa group server radius group-name
Example:
RP/0/RP0/CPU0:router(config)# aaa group server
radius radgroup1
Groups different server hosts into distinct lists and enters
the server group configuration mode.
Step 3
server {hostname | ip-address} [auth-port
port-number] [acct-port port-number]
Example:
RP/0/RP0/CPU0:router(config-sg-radius)# server
192.168.20.0
Specifies the hostname or IP address of an external
RADIUS server.
• After the server group is configured, it can be
referenced from the AAA method lists (used while
configuring authentication, authorization, or
accounting).
To Next Page
Loading...
Need help?
General
