Cisco Cisco ASR 5500 Administrator's Guide
AAA Interface Configuration
▀ Configuring RADIUS AAA Functionality
▄ Cisco ASR 5x00 AAA Interface Administration and Reference
22
Configuring RADIUS AAA Functionality
RADIUS-based AAA functionality must be configured at the context and system levels. This section describes how to
configure the RADIUS-based AAA parameters at the context and system levels.
configure the RADIUS-based AAA parameters at the context and system levels.
To configure RADIUS AAA functionality:
Step 1
Configure RADIUS AAA functionality at context level as described in the
section.
Step 2
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
command
command
save configuration
. For additional information on how to verify and save configuration files, refer to the
System Administration Guide and the Command Line Interface Reference.
Important:
Commands used in the configuration examples in this section provide base functionality to
the extent that the most common or likely commands and/or keyword options are presented. In many cases,
other optional commands and/or keyword options are available. Refer to the Command Line Interface
Reference for complete information regarding all commands.
other optional commands and/or keyword options are available. Refer to the Command Line Interface
Reference for complete information regarding all commands.
Configuring RADIUS AAA Functionality at Context Level
This section describes how to configure context-level RADIUS parameters for subscriber authentication and accounting
(optional). As noted in this reference, RADIUS-based AAA functionality can be configured within any context, even its
own.
(optional). As noted in this reference, RADIUS-based AAA functionality can be configured within any context, even its
own.
Important:
This section provides minimum instructions to configure context-level AAA functionality that allows
the system to process data sessions. Commands that configure additional context-level AAA properties are described in
the Understanding the System Operation and Configuration chapter of the System Administration Guide.
the Understanding the System Operation and Configuration chapter of the System Administration Guide.
Important:
Commands except
change-authorize-nas-ip
,
accounting prepaid
,
accounting prepaid
custom
, and
accounting unestablished-sessions
used in this section, or in the Understanding the System
Operation and Configuration chapter, are also applicable to support AAA server group for AAA functionality. For
details on AAA server group functionality, see the
details on AAA server group functionality, see the
To configure RADIUS AAA functionality at the context level use the following configuration:
configure
context <context_name>
radius server <ipv4/ipv6_address> key <shared_secret> [ max <value> ] [
oldports | port <tcp_port> ] [ priority <priority> ]
oldports | port <tcp_port> ] [ priority <priority> ]
radius [ mediation-device ] accounting server <ipv4/ipv6_address> key
<shared_secret> [ acct-on { enable | disable } ] [ acct-off { enable | disable }
<shared_secret> [ acct-on { enable | disable } ] [ acct-off { enable | disable }