Cisco Cisco Packet Data Gateway (PDG)
FNG Service Configuration Mode Commands
▀ aaa authentication
▄ Command Line Interface Reference, StarOS Release 17
5144
aaa authentication
Specifies the AAA group to use for FAP authentication.
Product
FNG
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > FNG Service Configuration
configure > context context_name > fng-service service_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-fng-service)#
Syntax
aaa authentication { context-name name aaa-group name | context-name name aaa-group name
}
}
no aaa authentication
no aaa authentication
Removes any existing authentication configuration.
context-name name
aaa-group
name
Specifies the context name and the AAA group name configured in the context for FAP authentication.
context-name
name
: Specifies the context where the AAA server group is defined as an alphanumeric
string of 1 through 79 characters.
aaa-group
name
: Specifies the name of the AAA group to be used for authentication as an alphanumeric
string of 1 through 63 characters.
Usage
Use this command to specify that during IPSec session establishment using IKEv2 setup, the FNG will use
Radius AAA for FAP authentication.
Radius AAA for FAP authentication.
Example
Use the following to configure device authentication for an AAA group named
aaa-10
in the FNG context
named
fng1
:
aaa authentication context-name fng1 aaa-group aaa-10