Cisco Systems 10000 Network Router User Manual


 
10-9
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 10 Configuring Address Pools
On-Demand Address Pool Manager
For an example of how to configure AAA, see Example 10-3 in the “Configuring RADIUS” section on
page 10-9.
Configuring RADIUS
To configure RADIUS on the Cisco 10000 router, enter the following commands in global configuration
mode:

Step 1
Command: Router(config)# ip radius source-interface subinterface-name
Purpose: Forces the Cisco 10000 router to use the IP address of the specified interface for all outgoing RADIUS packets.

Step 2
Command: Router(config)# radius-server host ip-address auth-port port-number acct-port port-number
Purpose: Specifies a RADIUS server host.

Step 3
Command: Router(config)# radius-server attribute 32 include-in-access-req
Purpose: Sends RADIUS attribute 32 (NAS-Identifier) in an access request or accounting request.

Step 4
Command: Router(config)# radius-server attribute 44 include-in-access-req
Purpose: Sends RADIUS attribute 44 (Accounting Session ID) in an access request or accounting request.

Step 5
Command: Router(config)# radius-server vsa send accounting
Purpose: Configures the Cisco 10000 router, acting as the network access server (NAS), to recognize and use vendor-specific accounting attributes.

Step 6
Command: Router(config)# radius-server vsa send authentication
Purpose: Configures the Cisco 10000 router (NAS) to recognize and use vendor-specific authentication attributes.

Example 10-3 configures an address pool named Green and a RADIUS server from which the Green
address pool obtains its subnets. The RADIUS server is located at the IP address 172.16.1.1.

Example 10-3 Configuring AAA and RADIUS

!
aaa new-model
!
aaa authorization configuration default group radius
aaa accounting network default start-stop group radius
aaa session-id common
!
ip subnet-zero
!
ip dhcp ping packets 0
!
ip dhcp pool Green
 vrf Green
 utilization mark high 50
 utilization mark low 30
 origin aaa subnet size initial /28 autogrow /28
!
ip vrf Green
 rd 300:1
 route-target export 300:1
 route-target import 300:1
!
interface Ethernet1/1
 ip address 172.16.1.12 255.255.255.0
 duplex half
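To confirm from a packet capture that Steps 3 through 6 took effect, the following added example (not part of the Cisco guide) parses a RADIUS request using the RFC 2865 packet layout and reports whether attribute 32, attribute 44 and a Cisco vendor-specific attribute (type 26, vendor ID 9) are present. The sample packets, the name c10k-lab and all attribute values are constructed for illustration.

```python
import struct

NAS_IDENTIFIER, VENDOR_SPECIFIC, ACCT_SESSION_ID = 32, 26, 44
CISCO_VENDOR_ID = 9  # IANA enterprise number carried in Cisco VSAs

def parse_attributes(packet):
    """Return [(type, value), ...] from one RADIUS packet (RFC 2865 layout)."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code not in (1, 4):  # Access-Request, Accounting-Request
        raise ValueError(f"unexpected RADIUS code {code}")
    if not 20 <= length <= len(packet):
        raise ValueError("Length field does not fit the datagram")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        a_type, a_len = packet[pos], packet[pos + 1]
        if a_len < 2 or pos + a_len > length:
            raise ValueError(f"attribute {a_type} has bad length {a_len}")
        attrs.append((a_type, packet[pos + 2:pos + a_len]))
        pos += a_len
    return attrs

def check_request(packet):
    """Report which of the attributes enabled in Steps 3-6 are present."""
    attrs = parse_attributes(packet)
    types = {t for t, _ in attrs}
    cisco_vsa = any(t == VENDOR_SPECIFIC and len(v) >= 4
                    and struct.unpack("!I", v[:4])[0] == CISCO_VENDOR_ID
                    for t, v in attrs)
    return {"nas_identifier_32": NAS_IDENTIFIER in types,
            "acct_session_id_44": ACCT_SESSION_ID in types,
            "cisco_vsa_26": cisco_vsa}

def _attr(a_type, value):
    # Type, Length (header included), Value; also used for the vendor sub-attribute.
    return bytes([a_type, len(value) + 2]) + value

def build_request(attrs):
    """Constructed Access-Request (code 1, id 7) with a zeroed authenticator."""
    return struct.pack("!BBH", 1, 7, 20 + len(attrs)) + bytes(16) + attrs

# Constructed sample data; names and values are illustrative only.
AVPAIR = struct.pack("!I", CISCO_VENDOR_ID) + _attr(1, b"sample=constructed")
FULL = build_request(_attr(1, b"sample-user") + _attr(NAS_IDENTIFIER, b"c10k-lab")
                     + _attr(ACCT_SESSION_ID, b"0000002A") + _attr(VENDOR_SPECIFIC, AVPAIR))
BARE = build_request(_attr(1, b"sample-user"))
```

A request that reports False for any of the three keys indicates that the corresponding step is missing from the running configuration or that the capture was taken on a different source interface than the one set in Step 1.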