Configuring radius features, Radius attribute screening, C h a p t e r – Cisco 10000 User Manual
Page 341
C H A P T E R
16-39
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
16
Configuring RADIUS Features
This chapter describes the following features:
•
RADIUS Attribute Screening, page 16-39
•
RADIUS Transmit Retries, page 16-42
•
Extended NAS-Port-Type and NAS-Port Support, page 16-44
•
RADIUS Attribute 31: PPPoX Calling Station ID, page 16-51
•
RADIUS Packet of Disconnect, page 16-55
RADIUS Attribute Screening
The RADIUS Attribute Screening feature allows you to configure a list of “accept” or “reject” RADIUS
attributes on the Cisco 10000 router for authorization and accounting purposes. Based on the accept or
reject list you configure for a particular purpose, the Cisco 10000 series router:
•
Accepts and processes all standard RADIUS attributes
•
Rejects all standard RADIUS attributes
Before you configure a RADIUS accept or reject list, enable AAA using the aaa new-model command
in global configuration mode. For more information, see the Cisco IOS Command Summary, Volume 2
of 3, Release 12.2.
The Cisco 10000 series router supports the RADIUS Attribute Screening feature in the following
deployment models:
•
Managed L2TP Network Server
•
PPP Terminated Aggregation (PTA) to VRF
•
Remote Access (RA) to MPLS VPN
Note
For more information about RADIUS attribute screening, see the RADIUS Attribute Screening feature
module.
The RADIUS Attribute Screening feature is described in the following topics:
•
Feature History for RADIUS Attribute Screening, page 16-40
•
Restrictions for RADIUS Attribute Screening, page 16-40
•