Cisco Systems 4.2 Network Card User Manual


  Open as PDF
of 94
 
5-11
Installing and Configuring Cisco Access Registrar, 4.2
OL-17221-02
Chapter 5 Customizing Your Configuration
Configuring a Remote Server for AA
Creating Services
Step 1 Run the aregcmd command:
aregcmd
Step 2 Use the cd command to change to the Services level:
cd /Radius/Services
Step 3 Use the add command to add the appropriate LDAP service. The following example adds the
remote-ldap service:
add remote-ldap "Remote LDAP Service"
Step 4 Use the cd command to change to the remote-ldap object:
cd /Radius/Services/remote-ldap
Step 5 Use the set command to set the type to ldap. You can accept the default Outage Policy and
MultipleServersPolicy or you can use the set command to change them.
set type ldap
Step 6 Use the cd command to change to the RemoteServers:
cd /Radius/Services/remote-ldap/RemoteServers
Step 7 Use the set command to set the server number and name. By giving each server a number you tell Cisco
AR the order you want it to access each server. Cisco AR uses this order when implementing the
MultipleServersPolicy of Failover or RoundRobin.
The following example sets the first remote server to the server QuickExample:
set 1 QuickExample
The MultipleServersPolicy determines how Cisco AR handles multiple remote servers.
When you set it to Failover, Cisco AR directs requests to the first server in the list until it
determines the server is offline. At that time, Cisco AR redirects all requests to the next server in
the list until it finds a server that is online.
When you set it to RoundRobin, Cisco AR directs each request to the next server in the
RemoteServers list in order to share the resource load across all the servers listed in the
RemoteServers list.
Configuring the RADIUS Server
In the default Cisco AR configuration, authentication and authorization are handled through the
local-users Service object. This causes Cisco AR to match requesting users with the names in its own
database. When you select LDAP as a remote server for authentication and authorization, Cisco AR
looks to that server for user information.
 previous next