Defining aaa attribute lists, Subscriber profiles – Cisco 10000 User Manual

Page 295

Advertising
background image

11-5

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 11 Configuring Local AAA Server, User Database—Domain to VRF

Defining AAA Attribute Lists

Typically, you define an AAA attribute list for each user name domain. Cisco IOS Release 12.3(7)XI1
introduces the following two new commands to define local AAA attribute lists and attribute types:

The following is an example of the commands you use to configure method lists:

aaa attribute list <name>

attribute type <name> <value> <service> <protocol> <tag>

Subscriber Profiles

Subscriber profiles are used to match user domain names, and on a match to use a defined AAA attribute
list. Cisco IOS Release 12.3(7)XI1 introduces the following new command to define subscriber profiles:

The following is an example of the commands you use to configure a subscriber profile:

subscriber authorization enable

subscriber profile domain-name

service local

aaa attribute list aaa attribute list name

Command

Purpose

Router(config)# aaa attribute list aaa attribute list
name

Defines an AAA attribute list locally on the router. This attribute
list is applied to the PPP session.

aaa attribute name is the name of the local AAA attribute list.

Router(config)# aaa attribute type name value [service
ppp] [protocol {ip | atm | vpdn}] [tag]

Defines an AAA attribute locally on the router. These attributes
are RADIUS attributes in Cisco IOS AAA format.

name defines the Cisco IOS AAA internal name of the IETF
RADIUS attribute.

value defines a string, binary, or IPv4 address value. This is the
RADIUS attribute that is being defined but in IOS AAA format.

service defines the access method, which is typically PPP.

protocol can be ip, atm, or vpdn.

tag provides a means of grouping attributes that refer to the same
VPDN tunnel.

Command

Purpose

Router(config)# subscriber profile domain-name

Defines an AAA attribute list locally on the router. This attribute
list is applied to the PPP session.

domain-name is the PPP user name domain.

Advertising
Popular Brands
Popular manuals