Cisco 10000 User Manual

5-43

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

L2TP Network Server

Configuring AAA Authentication Methods

To configure AAA authentication methods, do the following:

Step 1

Enable AAA using the aaa new-model global configuration command. For more information, see the
“AAA Overview” chapter in the Cisco IOS Security Configuration Guide, Release 12.2.

Step 2

Configure RADIUS security protocol parameters. For more information about RADIUS, see the
“Configuring RADIUS” chapter in the Cisco IOS Security Configuration Guide, Release 12.2.

Step 3

Define the authentication method lists using the aaa authentication command.

Step 4

Apply the authentication method lists to an interface, a line, or a set of lines as required.

The Configuring Authentication” chapter in the Cisco IOS Security Configuration Guide, Release 12.2
describes how to configure the following authentication methods:

•

Configuring Login Authentication Using AAA

•

Configuring PPP Authentication Using AAA

•

Configuring AAA Scalability for PPP Requests

•

Configuring ARAP Authentication Using AAA

•

Configuring NASI Authentication Using AAA

•

Specifying the Amount of Time for Login Input

•

Enabling Password Protection at the Privileged Level

•

Changing the Text Displayed at the Password Prompt

•

Configuring Message Banners for AAA Authentication

•

Configuring AAA Packet of Disconnect

•

Enabling Double Authentication

•

Enabling Automated Double Authentication

Step 3

Router(config)# vpdn tunnel authorization

virtual-template

<vtemplate num>

Specifies the default virtual template interface used to clone a
virtual access interface (VAI).

If you do not specify a virtual template interface in the local
VPDN group configuration or in a remote RADIUS
configuration, then this default virtual template interface is used.

Note

The vpdn tunnel authorization virtual-template
command is only applicable on the LNS.

Step 4

Router(config)# vpdn tunnel authorization

password

<dummy password>

Specifies the password to use for the RADIUS authorization
request to retrieve the tunnel configuration based on the remote
tunnel hostname. By default, the password is cisco, but you can
configure a different password.

Note

The vpdn tunnel authorization password command is
applicable on both the LAC and LNS.

Command

Purpose