Cisco Cisco IOS Software Release 12.2(4)B

No new or modified RFCs are supported by this feature.

Before configuring a RADIUS accept or reject list, you must enable AAA.

For more information, refer to the AAA chapters in the Cisco IOS Security Configuration Guide, 
Release 12.2.

See the following section for configuration tasks for the RADIUS Attribute Screening feature. Each task 
in the list is identified as either optional or required.

 (required)

 (optional)

To configure a RADIUS attribute accept or reject list for authorization or accounting, use the following 
commands beginning in global configuration mode:

Router(config)# aaa authentication ppp default 

 group-name

Specifies one or more AAA authentication 
methods for use on serial interfaces running PPP.

default—Uses the listed authentication methods 
that follow this argument as the default list of 
methods when a user logs in.

group group-name—Uses a subset of RADIUS 
servers for authentication as defined by the 
aaa group server radius command.

Router(config)# aaa authorization network default 

Sets parameters that restrict user access to the 
network.

default—Uses the listed authentication methods 
that follow this argument as the default list of 
methods when a user logs in.

group group-name—Uses a subset of RADIUS 
servers for authentication as defined by the 
aaa group server radius command.

Router(config)# aaa group server radius group-name

Groups different RADIUS server hosts into 
distinct lists and distinct methods.

group-name—Character string used to name the 
group of servers.