Filter
Top Products
5-34
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server
L2TP Network Server
Configuring RADIUS-Specific Commands for the VRF
To configure AAA global RADIUS-specific commands for the VRF definition, enter the following
commands:
Command Purpose
Step 1
Router> enable
Enters privileged EXEC mode.
Step 2
Router# config terminal
Enters global configuration mode.
Step 3
Router(config)# interface
virtual-template number
Configures a virtual template interface and enters interface
configuration mode.
Step 4
Router(config-if)# ip vrf forwarding
vrf-name
Associates a VRF instance with a virtual template interface.
The vrf-name argument is the name assigned to a VRF.
Step 5
Router(config-if)# ppp authentication
{protocol1 [protocol2...]} list-name
Enables Challenge Handshake Authentication Protocol (CHAP)
or Password Authentication Protocol (PAP) or both and specifies
the order in which CHAP and PAP authentication are selected on
the interface.
The protocol1[protocol2...] argument specifies at least one of the
following keywords:
• chap—Enables CHAP on a serial interface.
• ms-chap—Enables Microsoft’s version of CHAP
(MS-CHAP) on a serial interface.
• pap—Enables PAP on a serial interface.
The list-name argument (optional) specifies the name of a list of
methods of authentication to use. This is the same name you
specified in step 4 of the
“Configuring AAA for the VRF” section
on page 5-32. If no list name is specified, the system uses the
default. Create the list by using the aaa authentication ppp
command.
Step 6
Router(config-if)# ppp authorization
list-name
Enables AAA authorization on the selected interface.
The list-name argument (optional) specifies the name of a list of
authorization methods to use. If no list name is specified, the
system uses the default. Create the list by using the aaa
authorization command.
Step 7
Router(config-if)# ppp accounting
list-name
Enables AAA accounting services on the selected interface.
Step 8
Router(config-if)# exit
Exits interface configuration mode.
Step 9
Router(config)# ip radius
source-interface subinterface-name vrf
vrf-name
Forces RADIUS to use the IP address of a specified interface for
all outgoing RADIUS packets and enables the specification on a
per VRF basis.
The subinterface-name argument specifies the name of the
interface that RADIUS uses for all of its outgoing packets.
The vrf vrf-name keyword and argument specify the per
VRF
configuration.