Downloads |
Table Of Contents
Configuring RADIUS Route Download
Verifying RADIUS Route Download
RADIUS Route Download Configuration Example
RADIUS Route Download
First Published: 12.2(8)TLast Updated: February 28, 2006History for the RADIUS Route Download Feature
12.2(8)T
This feature was introduced.
12.2(28)SB
This feature was integrated into Cisco IOS Release 12.2(28)SB.
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
Feature Overview
The RADIUS Route Download feature allows users to configure their network access server (NAS) to send static route download requests to authorization, authentication, and accounting (AAA) servers specified by a named method list. Before this feature, RADIUS authorization for static route download requests could be sent only to AAA servers specified by the default method list.
This feature extends the functionality of the aaa route download command to allow users to specify the name of the method list that will be used to direct static route download requests to the AAA servers. The aaa route download command may be used to specify a separate method list for downloading static routes. This method list can be added by using the aaa authorization configuration command.
Benefits
The RADIUS Route Download feature allows users to specify a separate method list for static route download requests; that is, the NAS can direct RADIUS authorization for static route download requests to servers specified by a method list in addition to the default method list.
Prerequisites
AAA network security must be enabled before you perform the tasks in this feature. For information about enabling AAA, refer to the AAA section in the Cisco IOS Security Configuration Guide, Release 12.4.
Configuration Tasks
See the following sections for configuration tasks for the RADIUS Route Download feature. Each task in the list is identified as either required or optional.
•
Configuring RADIUS Route Download (required)
•
Configuring RADIUS Route Download
To configure the NAS to send static route download requests to the servers specified by a named method list, use the following commands in global configuration mode:
Verifying RADIUS Route Download
To verify the routes that are installed, use the show ip route command in EXEC mode.
To display information that is associated with RADIUS, use the debug radius command in privileged EXEC mode.
Configuration Examples
This section provides the following configuration examples:
•
RADIUS Route Download Configuration Example
The following example shows how to configure the NAS to send static route download requests to the servers specified by the method list named "list1":
aaa new-modelaaa group server radius rad1server 10.2.2.2 auth-port 1645 acct-port 1646!aaa group server tacacs+ tac1server 172.17.3.3!aaa authorization configuration default group radiusaaa authorization configuration list1 group rad1 group tac1aaa route download 1 authorization list1tacacs-server host 172.17.3.3tacacs-server key ciscotacacs-server administration!radius-server host 10.2.2.2 auth-port 1645 acct-port 1646radius-server key ciscoAdditional References
The following sections provide references related to RADIUS Route Download.
Related Documents
AAA Overview
"AAA Overview" chapter in the Cisco IOS Security Configuration Guide, Release 12.4
Configuring Large-Scale Dial-Out
"Configuring Large-Scale Dial-Out" chapter in the Cisco IOS Dial Technologies Configuration Guide, Release 12.4
Cisco IOS Dial Technologies
Cisco IOS Dial Technologies Command Reference, Release 12.4
Standards
MIBs
None
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
RFCs
Technical Assistance
Command Reference
This section documents the following modified command only.
aaa route download
To enable the static route download feature and set the amount of time between downloads, use the aaa route download command in global configuration mode. To disable this function, use the no form of this command.
aaa route download [time] [authorization method-list]
no aaa route download
Syntax Description
Defaults
The default period between downloads (updates) is 720 minutes.
Command Modes
Global configuration
Command History
Usage Guidelines
This command is used to download static route details from the authorization, authentication, and accounting (AAA) server if the name of the router is hostname. The name passed to the AAA server for static routes is hostname-1, hostname-2... hostname-n—the router downloads static routes until it fails an index and no more routes can be downloaded.
Examples
The following example sets the AAA route update period to 100 minutes:
aaa route download 100The following example sets the AAA route update period to 10 minutes and sends static route download requests to the servers specified by the method list name "list1":
aaa route download 10 authorization list1Related Commands
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2001-2002, 2005-2006 Cisco Systems, Inc. All rights reserved.
