Cisco Cisco IOS Software Release 12.4(2)XB6

Page de 244
 
223
Cisco Packet Data Serving Node (PDSN) Release 4.1 for Cisco IOS Release 12.4(15)XR7
 
Cisco Packet Data Serving Node (PDSN) Release 4.1 for Cisco IOS Release 12.4(15)XR7
AAA Authentication and Authorization Profile
This section describes User Profiles to be configured at the AAA server for authentication and 
authorization of users for various service types (Simple IP, Mobile IP, and so on.). It also describes the 
minimal configuration required for the same.
1.
Client router should be authorized to access Cisco Access Registrar
The client profile contains the ip address of the router and the shared key. The following example 
illustrates a client profile:
[ //localhost/Radius/Clients/username ]
    Name = username
    Description = 
    IPAddress = 9.15.68.7
    SharedSecret = lab
    Type = NAS
    Vendor = 
    IncomingScript~ = 
    OutgoingScript~ = 
    UseDNIS = FALSE
    DeviceName = 
    DevicePassword = 
2.
A User should have a profile configured at AAA (this is applicable to an NAI as well, in case of 
MoIP). 
A user profile contains username, password, and the base profile where attributes retrieved during 
authorization can be configured. 
The following example illustrates a user profile:
[ //localhost/Radius/UserLists/Default/username ]
    Name = username
    Description = 
    Password = <encrypted>
    AllowNullPassword = FALSE
    Enabled = TRUE
    Group~ = 
    BaseProfile~ = username-sip
    AuthenticationScript~ = 
    AuthorizationScript~ = 
    UserDefined1 =
3.
A Base Profile contains attributes applied for the user during authorization.
The following example illustrates a base profile :
RSVP Signaling Packets 
Inbound
G24
RSVP Signaling Packets 
Outbound
G25
Table 15
In Interim-accounting Record  (Continued)
Attribute Name
TIA/EIA/IS-835-B
Type/Subtype