Filter
Top Products
11-4
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 11 Configuring Local AAA Server, User Database—Domain to VRF
In the figure, the BRAS can be configured to provide AAA accounting start/stop and periodic records
for each PPP session. The BRAS can also be configured to provide NAS-Port information in the
accounting records that will detail the slot/card/interface and VPI/VCI or VLAN.
AAA Attribute Lists
AAA Attribute Lists are used by the subscriber profiles when there is a match of the user name domain.
These lists define RADIUS user profiles local to the router. The attributes are available for configuration
using the aaa attribute list name global configuration command. Every attribute known to AAA is made
available for configuration.
The AAA attributes that are defined in the AAA attribute list are standard RADIUS attributes, however
they are in the Cisco IOS AAA format of the attribute. You must convert the attributes from RADIUS
format to Cisco IOS AAA format.
Converting from RADIUS Format to Cisco IOS AAA Format
Use the show aaa attribute protocol radius command to get the Cisco IOS AAA format of the IETF
RADIUS Attribute. This provides a complete list of all the aaa attributes supported. The following is an
example where you need to convert the RADIUS attribute Filter-Id to Cisco IOS AAA format. This
example represents part of the output of the show aaa attribute protocol radius command.
IIETF defined attributes:
Type=4 Name=acl Format=Ulong
Protocol:RADIUS
Unknown Type=11 Name=Filter-Id Format=Binary
Cisco IOS converts the IETF RADIUS attribute 11 (Filter-Id) of type Binary into an internal attribute
named acl of type Ulong. Now you can configure this attribute locally using the attribute type acl.
Note You cannot add new AAA attributes during the conversion process. The conversion is only making the
attributes configurable and usable locally on the router. The defined local AAA attributes must be
supported RADIUS attributes.