Cisco Systems 10000 Network Router User Manual

Open as PDF

of 624

11-6

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 11 Configuring Local AAA Server, User Database—Domain to VRF

AAA Method Lists

The AAA method lists are defined to use RADIUS for authentication and accounting. Authorization is

done locally using the AAA attribute lists. Defining the AAA attribute lists for PPP under the virtual

template no longer requires defining the AAA lists. Instead, a default authentication and authorization

list can be defined on the virtual template and the AAA method lists can be defined in the AAA attribute

lists. 2000 method lists are supported.

Using method lists does require that you define aaa authentication ppp default and aaa authorization

network default lists. The following is an example of the commands you use to configure method lists:

interface virtual-template

ppp authentication pap chap

aaa new-model

aaa authentication ppp default local

aaa authorization network default local

aaa authentication ppp method list name group radius

aaa authorization network method list name local if-authenticated

aaa accounting network method list name start-stop group radius

aaa attribute list <domain name>

attribute type ppp-authen-list "method list name"

attribute type ppp-author-list "method list name"

attribute type ppp-acct-list "method list name"

Configuration Tasks for Local AAA Server, User Database—Domain to VRF

Using Local Attributes

To configure a user name domain to a VRF using local AAA attributes, perform the following

configuration tasks:

• Defining AAA, page 11-6

• Defining RADIUS and Enabling NAS-PORT, page 11-7

• Defining a VRF, page 11-7

• Applying AAA to a Virtual Template, page 11-7

• Defining a Loopback Interface, page 11-8

• Creating an IP Address Pool, page 11-8

• Defining a Subscriber Profile, page 11-8

• Defining an AAA Attribute List, page 11-8

Defining AAA

To define AAA (authentication, authorization, and accounting), enter the following commands in global

configuration mode:

Command Purpose

Step 1

Router(config)# aaa new-model

Enables the AAA access control model.

Step 2

Router(config)# aaa authentication ppp

list-name group radius

Specifies RADIUS to authenticate the PPP user name.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems 10000 Network Router User Manual