Configuring per vrf aaa services, And the – Cisco 10000 User Manual
Page 195
5-31
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server
L2TP Network Server
Configuring per VRF AAA Services
To configure per VRF AAA services, perform the following tasks:
•
•
Configuring Private Server Parameters, page 5-31
•
Configuring AAA for the VRF, page 5-32
•
Configuring RADIUS-Specific Commands for the VRF, page 5-34
Note
For more information about configuring AAA parameters, see the Cisco IOS Security Configuration
Guide, Release 12.2.
Enabling AAA
To enable AAA, enter the following commands.
Note
For more information, see the Cisco IOS Command Summary, Volume 2 of 3, Release 12.2.
Configuring Private Server Parameters
To configure private server operational parameters, enter the following commands:
Command
Purpose
Step 1
Router> enable
Enters privileged EXEC mode.
Step 2
Router# config terminal
Enters global configuration mode.
Step 3
Router(config)# aaa new model
Enables AAA.
Command
Purpose
Step 1
Router> enable
Enters privileged EXEC mode.
Step 2
Router# config terminal
Enters global configuration mode.
Step 3
Router(config)# aaa group server radius
group-name
Groups different RADIUS server hosts into distinct lists and
distinct methods.
The group-name argument is the character string used to name the
group.
Note
When RADIUS servers are configured in a group and the
first server fails to respond, the L2TP tunnel request from
the LAC might time out before the LNS fails over to the
second server. To avoid this, configure the LAC with the
following commands in VPDN group configuration
mode:
l2tp tunnel retransmit initial retries 5
l2tp tunnel retransmit initial timeout min 2