IMPORTANT:
Configuring RADIUS AAA Functionality at Context Level
IMPORTANT:
IMPORTANT:
configure
context <context_name>
radius
server <ipv4/ipv6_address> key <shared_secret> [ max <value> ] [ oldports | port <tcp_port> ] [ priority <priority> ]
radius [ mediation-device ] accounting server <ipv4/ipv6_address> key <shared_secret> [ acct-on { enable | disable } ] [ acct-off { enable | disable } ] [ max <msgs> ] [ oldports ] [ port <port_number> ] [ priority <priority> ] [ type
standard ]
radius
attribute nas-identifier <identifier>
radius
attribute nas-ip-address address <primary_ipv4/ipv6_address> [ backup <secondary_ipv4/ipv6_address> ]
radius
strip-domain [ authentication-only | accounting-only ]
end
IMPORTANT:
IMPORTANT:
Configuring Diameter Endpoint
configure
context <context_name>
diameter
endpoint <endpoint_name>
origin
host <host_name> address <ipv4/ipv6_address> [ port <port_number> ] [ accept-incoming-connections ] [ address <ipv4/ipv6_address_secondary> ]
peer <peer_name> [ realm <realm_name> ] address <ipv4/ipv6_address> [ [ port <port_number> ] [ connect-on-application-access ] [ send-dpr-before-disconnect [ disconnect-cause <disconnect_cause> ] ] [ sctp ] ]+
end
IMPORTANT:
Configuring Diameter AAA Functionality at Context Level
IMPORTANT:
configure
context <context_name>
diameter
authentication endpoint <endpoint_name>
diameter
authentication server <host_name> priority <priority>
diameter
authentication dictionary <dictionary>
diameter
accounting endpoint <endpoint_name>
diameter
accounting server <host_name> priority <priority>
diameter
accounting dictionary <dictionary>
end
Configuring Diameter Authentication Failure Handling
Configuring at Context Level
configure
context <context_name>
diameter
authentication failure-handling { authorization-request | eap-request | eap-termination-request } { request-timeout
action { continue | retry-and-terminate | terminate } | result-code <result_code> { [ to <result_code> ] action { continue | retry-and-terminate | terminate } } }
end
Configuring at AAA Group Level
configure
context <context_name>
aaa
group <group_name>
diameter
authentication failure-handling { authorization-request | eap-request | eap-termination-request } { request-timeout
action { continue | retry-and-terminate | terminate } | result-code <result_code> { [ to <result_code> ] action { continue | retry-and-terminate | terminate } } }
end
Configuring System-Level AAA Functionality
IMPORTANT:
configure
aaa
default-domain subscriber <domain_name>
aaa
default-domain administrator <domain_name>
aaa
last-resort context subscriber <context_name>
aaa
last-resort context administrator <context_name>
aaa
username-format { domain | username } { @ | % | - | \ | # | / }
end
IMPORTANT:
AAA Server Group Configuration
IMPORTANT:
configure
context <context_name>
aaa
group <group_name>
end
IMPORTANT:
Applying a AAA Server Group to a Subscriber
configure
context <context_name>
subscriber
name <subscriber_name>
aaa
group <group_name>
end
Applying a AAA Server Group to an APN
Configuring the Destination Context Attribute
IMPORTANT:
configure
context <context_name>
subscriber
name default
ip
context-name <destination_context_name>
end