Cisco OL-15491-01 User Manual

Page 124

Advertising
background image

A-124

Cisco Content Services Gateway - 2nd Generation Release 2.0 Installation and Configuration Guide

OL-15491-01

Appendix A CSG2 Command Reference

ip csg radius endpoint

Command History

Usage Guidelines

A RADIUS Accounting message sent to the specified csg-address (and any port) is parsed, and is then
acknowledged, by the CSG2.

CSG2 User Table entries created as a result of RADIUS messaging through the ip csg radius endpoint
definition with a VRF configured are indexed by the configured sub-vrf-name. This enables the CSG2
to segment the subscriber space and removes ambiguity if multiple subscribers share the same IP
address, provided that their entries were instantiated by RADIUS flows to CSG2 radius definitions
bound to different VRFs. If the sub-vrf-name is not configured, the User Table entries are indexed via
the global routing table.

To change the RADIUS endpoint csg-vrf-name or sub-vrf-name associated with a given csg-address, you
must first enter the no form of the ip csg radius endpoint command for that csg-address, then enter the
command with the new csg-vrf-name or sub-vrf-name.

You can specify up to 64 RADIUS endpoints.

Note

When the CSG2 is configured as a RADIUS endpoint, the CSG2 drops all RADIUS packets other than
RADIUS Accounting-Request messages.

A RADIUS endpoint that is configured with different values for the csg-address and csg-source-address
virtual server IP addresses consumes two RADIUS endpoint resources, not just one. As a result, the
maximum number of RADIUS endpoints is reduced by one for each RADIUS endpoint configured with
different values for the virtual server IP addresses. In order to configure 64 RADIUS endpoints, each
RADIUS endpoint must be configured with the same IP address for csg-address and csg-source-address.
The virtual server IP address must still be different for each RADIUS endpoint command.

You can also configure an optional RADIUS key.

If you configure a RADIUS key, the CSG2 parses and acts on a message only if the RADIUS
Authenticator is correct.

If you do not configure a RADIUS key, the CSG2 always parses and forwards every message.

Examples

The following example shows how to identify the CSG2 as a RADIUS endpoint:

ip

csg radius endpoint vrf RADIUSVRF 1.2.3.4 key secret vrf SUBVRF

Release

Modification

12.4(11)MD

This command was migrated from CSG1.

Changes from CSG1:

The name of this command changed from radius endpoint to ip csg radius
endpoint.

The configuration mode for this command changed from module CSG
configuration to global configuration.

The vrf csg-vrf-name and vrf sub-vrf-name keywords and arguments were
added.

The table table-name keyword and argument were removed.

Advertising
Popular Brands
Popular manuals