Configuring ISG Integration with SCE
Configuration Examples for ISG Integration with SCE
12
Version: 1.0
Conn up time: 00:04:00
Conf keepalive: 0
Negotiated keepalive: 1000
Time since last keepalive: 00:04:00
Remove owner on pull: TRUE
Associated session details:
12.134.4.5session_guid_str
12.34.4.5session_guid_str
Configuration Examples for ISG Integration with SCE
This section contains the following examples:
• ISG Control Bus Configuration: Example, page 12
• ISG Integration with SCE: Example, page 12
• SCE Control Bus Configuration: Examples, page 13
ISG Control Bus Configuration: Example
The following example shows how to configure the ISG control bus with the SCE management IP
address and shared authentication key:
aaa server radius policy-device
client 10.10.10.10
key cisco
message-authenticator ignore
!
policy-peer address 10.10.10.10 keepalive 60
!
interface GigabitEthernet5/1/1
ip address 10.10.10.1 255.255.255.0
!
ISG Integration with SCE: Example
The following example shows how to configure two SCEs, each with the same authentication and
accounting ports. ISG handles CoA messages on port 1700 for one SCE and on default port 3799 for the
other SCE. Peering is maintained for each SCE with the ISG via different keepalive intervals.
When a user session starts, POLICY-LOCAL is applied. If the user’s profile at the AAA server has
auto-logon, the session will begin using the SCE-SERVICE-LOCAL service. This service has the SCE
service-monitor facility enabled. If the user profile does not specify auto-logon to the
SCE-SERVICE-LOCAL service, SCE will use its default values for the policy-name argument and the
service-monitor command, which are configured at the SCE.
aaa accounting network service_acct start-stop group radius
aaa accounting network session_acct start-stop group radius
aaa server radius policy-device
authentication port 1343
accounting port 1345
message-authenticator ignore
client 10.10.10.1 port 1341 key cisco
To Next Page
Loading...
Need help?
General