Defining radius and enabling nas-port, Defining a vrf, Applying aaa to a virtual template – Cisco 10000 User Manual

Page 297

Advertising
background image

11-7

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 11 Configuring Local AAA Server, User Database—Domain to VRF

Defining RADIUS and Enabling NAS-PORT

To define RADIUS and enable NAS-PORT, enter the following commands in global configuration mode:

Defining a VRF

To define a VRF, enter the following commands beginning in global configuration mode:

Applying AAA to a Virtual Template

To apply AAA to a virtual template, enter the following commands in global configuration mode:

Step 3

Router(config)# aaa authorization network

list-name local if-authenticated

Specifies to use the local profile if authenticated.

Step 4

Router(config)# aaa accounting network

list-name start-stop group radius

Specifies RADIUS accounting as optional.

Step 5

Router(config)# aaa authentication ppp

default local

Required to allow the definition of the AAA authentication list in
the AAA attribute list.

Step 6

Router(config)# aaa authorization network

default local

Required to allow the definition of the AAA authorization list in
the AAA attribute list.

Command

Purpose

Command

Purpose

Step 1

Router(config)# radius-server host

ip-address auth-port 1645 acct-port 1646

key

password

Defines the Radius server that AAA authentication, authorization
and accounting requests are sent to.

Step 2

Router(config)# radius-server attribute

nas-port format d

Defines NAS-Port information to be sent to the AAA accounting
server. (optional)

Command

Purpose

Step 1

Router(config)# ip vrf vrf-name

Enters VRF configuration mode and defines the VRF instance by
assigning a VRF name.

Step 2

Router(config-vrf)# rd

route-distinguisher

Creates routing and forwarding tables.

Step 3

Router(config-vrf)# route-target {import

| export | both}

route-target-ext-community

Creates a list of import an export route target communities for the
specified VRF.

Command

Purpose

Step 1

Router(config)# interface

virtual-template

number

Defines the virtual template to use for PPP.

Step 2

Router(config)# ppp mtu adaptive

For PPPoE, defines auto negotiation of MTU size.

Step 3

Router(config)# ppp authentication pap

chap

Enables PAP, then CHAP, for PPP authentication.

Advertising
Popular Brands
Popular manuals