Cisco 10000 User Manual

Page 198

Advertising
background image

5-34

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

L2TP Network Server

Configuring RADIUS-Specific Commands for the VRF

To configure AAA global RADIUS-specific commands for the VRF definition, enter the following
commands:

Command

Purpose

Step 1

Router> enable

Enters privileged EXEC mode.

Step 2

Router# config terminal

Enters global configuration mode.

Step 3

Router(config)# interface

virtual-template

number

Configures a virtual template interface and enters interface
configuration mode.

Step 4

Router(config-if)# ip vrf forwarding

vrf-name

Associates a VRF instance with a virtual template interface.

The vrf-name argument is the name assigned to a VRF.

Step 5

Router(config-if)# ppp authentication

{protocol1 [protocol2...]} list-name

Enables Challenge Handshake Authentication Protocol (CHAP)
or Password Authentication Protocol (PAP) or both and specifies
the order in which CHAP and PAP authentication are selected on
the interface.

The protocol1[protocol2...] argument specifies at least one of the
following keywords:

chap—Enables CHAP on a serial interface.

ms-chap—Enables Microsoft’s version of CHAP
(MS-CHAP) on a serial interface.

pap—Enables PAP on a serial interface.

The list-name argument (optional) specifies the name of a list of
methods of authentication to use. This is the same name you
specified in step 4 of the

“Configuring AAA for the VRF” section

on page 5-32

. If no list name is specified, the system uses the

default. Create the list by using the aaa authentication ppp
command.

Step 6

Router(config-if)# ppp authorization

list-name

Enables AAA authorization on the selected interface.

The list-name argument (optional) specifies the name of a list of
authorization methods to use. If no list name is specified, the
system uses the default. Create the list by using the aaa
authorization command.

Step 7

Router(config-if)# ppp accounting

list-name

Enables AAA accounting services on the selected interface.

Step 8

Router(config-if)# exit

Exits interface configuration mode.

Step 9

Router(config)# ip radius

source-interface

subinterface-name vrf

vrf-name

Forces RADIUS to use the IP address of a specified interface for
all outgoing RADIUS packets and enables the specification on a
per VRF basis.

The subinterface-name argument specifies the name of the
interface that RADIUS uses for all of its outgoing packets.

The vrf vrf-name keyword and argument specify the per
VRF configuration.

Advertising
Popular Brands
Popular manuals