Cisco Cisco ASR 5500 Administrator's Guide
AAA Interface Configuration
▀ Configuring System-Level AAA Functionality
▄ Cisco ASR 5x00 AAA Interface Administration and Reference
32
Configuring System-Level AAA Functionality
There are system-level AAA parameters that must be configured in order to provide AAA functionality for subscriber
and context-level administrative user sessions. As noted in Understanding the System Operation and Configuration
chapter of the System Administration Guide, AAA functionality can be configured within any context, even its own.
and context-level administrative user sessions. As noted in Understanding the System Operation and Configuration
chapter of the System Administration Guide, AAA functionality can be configured within any context, even its own.
Important:
Commands used in the configuration examples in this section provide base functionality to the extent
that the most common or likely commands and/or keyword options are presented. In many cases, other optional
commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete
information regarding all commands.
commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete
information regarding all commands.
This procedure applies to both RADIUS and Diameter.
To configure system-level AAA functionality use the following configuration:
configure
aaa default-domain subscriber <domain_name>
aaa default-domain administrator <domain_name>
aaa last-resort context subscriber <context_name>
aaa last-resort context administrator <context_name>
aaa username-format { domain | username } { @ | % | - | \ | # | / }
end
Notes:
<domain_name>
is the name of the domain, or context, to use for performing AAA functions in the subscriber
session. For information on the role of the default domain in the context selection process can be found in the
Understanding the System Operation and Configuration chapter of the System Administration Guide.
Understanding the System Operation and Configuration chapter of the System Administration Guide.
<context_name>
must be the name of the context to use for performing AAA functions in the subscriber
session. Additional information on the role of the last-resort context in the context selection process can be
found in the Understanding the System Operation and Configuration chapter of the System Administration
Guide.
found in the Understanding the System Operation and Configuration chapter of the System Administration
Guide.
Up to six user name formats can be configured. The default format is username@domain.
Verifying your configuration
To verify your configuration:
In the Exec mode, enter the following command:
show configuration context <context_name>
In the output, verify the AAA settings that you have configured in this user session.