Enabling ISG to Interact with External Policy Servers
How to Enable ISG to Interact with External Policy Servers
4
Configuring the ISG as a AAA Server
Dynamic authorization allows a policy server to dynamically send policies to ISG. Perform this task to
configure the ISG as a AAA server and enable dynamic authorization.
SUMMARY STEPS
1. enable
2. configure terminal
3. aaa server radius dynamic-author
4. client {name | ip-address} [key [0 | 7] word] [vrf vrf-id]
5. port port-number
6. server-key [0 | 7] word
7. auth-type {all | any | session-key}
8. ignore {server-key | session-key}
9. end
Step 6
aaa authorization subscriber-service {default |
list-name} method1 [method2...]
Example:
Router(config)# aaa authorization
subscriber-service default radius
Specifies one or more AAA authorization methods for ISG
to use in providing a service.
Step 7
aaa accounting {auth-proxy | system | network |
exec | connection | commands level} {default |
list-name} [vrf vrf-name] {start-stop |
stop-only | none} [broadcast] group groupname
Example:
Router(config)# aaa accounting network default
start-stop group radius
Enables AAA accounting of requested services for billing
or security purposes.
Step 8
end
Example:
Router(config)# end
Exits global configuration mode.
Command or Action Purpose
To Next Page
Loading...
Need help?
General