Cisco Cisco IOS Software Release 12.2(27)SBC
RADIUS Server Load Balancing
test aaa group
35
Cisco IOS Security Configuration Guide
test aaa group
To associate a dialed number identification service (DNIS) or calling line identification (CLID) user
profile with the record that is sent to the RADIUS server or to manually test load balancing server status,
use the test aaa group command in privileged EXEC mode.
profile with the record that is sent to the RADIUS server or to manually test load balancing server status,
use the test aaa group command in privileged EXEC mode.
DNIS and CLID User Profile
test aaa group {group-name | radius} username password new-code [profile profile-name]
RADIUS Server Load Balancing Manual Testing
test aaa group group-name [server ip-address] [auth-port port-number] [acct-port port-number]
username password new-code [count n] [rate m] [blocked {yes | no}]
Syntax Description
group-name
Subset of RADIUS servers that are used as defined by the server group
group-name.
group-name.
radius
Uses RADIUS servers for authentication.
username
Specifies a name for the user.
Caution
If you use this command to manually test RADIUS load balancing
server state, it is recommended that a test user, one that is not
defined on the RADIUS server, be used to protect against security
issues that may arise if the test user is not correctly configured.
server state, it is recommended that a test user, one that is not
defined on the RADIUS server, be used to protect against security
issues that may arise if the test user is not correctly configured.
password
Character string that specifies the password.
new-code
The code path through the new code, which supports a CLID or DNIS user
profile association with a RADIUS server.
profile association with a RADIUS server.
profile profile-name
(Optional) Identifies the user profile specified in the aaa user profile
command. To associate a user profile with the RADIUS server, the user
profile name must be identified.
command. To associate a user profile with the RADIUS server, the user
profile name must be identified.
server ip-address
(Optional) For RADIUS server load balancing, specifies which server in the
server group the test packets will be sent to.
server group the test packets will be sent to.
auth-port
(Optional) Specifies the User Datagram Protocol (UDP) destination port for
authentication requests.
authentication requests.
port-number
(Optional) Port number for authentication requests; the host is not used for
authentication if set to 0. If unspecified, the port number defaults to 1646.
authentication if set to 0. If unspecified, the port number defaults to 1646.
acct-port
(Optional) Specifies the UDP destination port for accounting requests.
port-number
(Optional) Port number for accounting requests; the host is not used for
accounting if set to 0. If unspecified, the port number defaults to 1646.
accounting if set to 0. If unspecified, the port number defaults to 1646.
count n
(Optional) Specifies how many authentication and accounting requests are
to be sent to the server for each port.
to be sent to the server for each port.
•
Default is 1.
•
Range for n is 1 – 50000.