Cisco Cisco IOS Software Release 12.2(27)SBC
RADIUS-Based Lawful Intercept
Configuration Examples for RADIUS-Based Lawful Intercept
8
Cisco IOS Security Configuration Guide
Troubleshooting Tips
You can use the following commands to troubleshoot your lawful intercept configuration:
•
debug aaa accounting
•
debug aaa authentication
•
debug aaa coa
•
debug ppp authentication
•
debug radius
Configuration Examples for RADIUS-Based Lawful Intercept
This section provides the following configuration example:
•
Enabling RADIUS-Based Lawful Intercept on a Router: Example
The following example shows the configuration of a RADIUS-Based Lawful Intercept solution on a
router acting as NAS device employing an Ethernet PPP connection over ATM (PPPoEoA) link:
router acting as NAS device employing an Ethernet PPP connection over ATM (PPPoEoA) link:
aaa new-model
!
aaa intercept
!
aaa group server radius SG
server 10.0.56.17 auth-port 1645 acct-port 1646
!
aaa authentication login LOGIN group SG
aaa authentication ppp default group SG
aaa authorization network default group SG
aaa accounting send stop-record authentication failure
aaa accounting network default start-stop group SG
!
aaa server radius dynamic-author
client 10.0.56.17 server-key cisco
!
vpdn enable
!
bba-group pppoe PPPoEoA-TERMINATE
virtual-template 1
!
interface Loopback0
ip address 10.1.1.2 255.255.255.0
!
interface FastEthernet4/1/0
description To RADIUS server
ip address 10.0.56.20 255.255.255.0
duplex auto
!
interface FastEthernet4/1/2
description To network
ip address 10.1.1.1 255.255.255.0
duplex auto
!
interface ATM5/0/0