Cisco Cisco IOS Software Release 12.2(1)DX
1
Cisco IOS Release 12.2(1)DX
Per VRF AAA
Feature History
This feature module describes the Per VRF AAA feature for Cisco IOS Release 12.2(1)DX. It includes
the following sections:
the following sections:
•
•
•
•
•
•
•
•
Feature Overview
Using the Per VRF AAA feature, Internet Service Providers (ISPs) can partition authentication,
authorization, and accounting (AAA) services based on Virtual Route Forwarding (VRF). This permits
the Virtual Home Gateway (VHG) to communicate directly with the customer RADIUS server
associated with the customer VPN, without having to go through a RADIUS proxy. Thus, ISPs can scale
their VPN offerings more efficiently because they no longer need to proxy AAA to provide their
customers the flexibility demanded.
authorization, and accounting (AAA) services based on Virtual Route Forwarding (VRF). This permits
the Virtual Home Gateway (VHG) to communicate directly with the customer RADIUS server
associated with the customer VPN, without having to go through a RADIUS proxy. Thus, ISPs can scale
their VPN offerings more efficiently because they no longer need to proxy AAA to provide their
customers the flexibility demanded.
To support Per VRF AAA, AAA must be VRF aware. ISPs must define multiple instances of the same
operational parameters—such as AAA server groups, method lists, system accounting, and
protocol-specific parameters—and secure the parameters to the VRF partitions.
operational parameters—such as AAA server groups, method lists, system accounting, and
protocol-specific parameters—and secure the parameters to the VRF partitions.
Release
Modification
12.2(1)DX
This feature was introduced.