|
Command or Action |
Purpose |
|
enable
Example:
Router> enable
|
Enables privileged EXEC mode.
- Enter your password if prompted.
|
|
configure terminal
Example:
Router# configure terminal
|
Enters global configuration mode. |
|
aaa new-model
Example:
Router(config)# aaa new-model
|
Enables the AAA access control model. |
|
aaa authentication login default group radius
Example:
Router(config)# aaa authentication login default group radius
|
Sets AAA authentication at login using the group radius method. |
|
aaa authentication login list-name none
Example:
Router(config)# aaa authentication login noAAA none
|
Sets AAA authentication at login and ensures that the authentication succeeds even if all methods of authentication return an error. |
|
aaa authentication eou default enable group radius
Example:
Router(config)# aaa authentication eou default enable group radius
|
Sets authentication lists for Extensible Authentication Protocol over User Datagram Protocol (EAPoUDP). |
|
aaa authorization network default group radius local
Example:
Router(config)# aaa authorization network default group radius local
|
Sets parameters that restrict user access to a network using the group radius and local methods.
- The group radius method uses the list of all RADIUS servers for authentication.
- The local method uses the local database for authorization.
|
|
aaa authorization list-name default group radius
Example:
Router(config)# aaa authorization auth-proxy default group radius
|
Sets parameters that restrict user access to a network using the group radius method. |
|
aaa accounting auth-proxy default start-stop group group-name
Example:
Router(config)# aaa accounting auth-proxy default start-stop group radius
|
Creates a method list to provide information about all authenticated-proxy user events.
- Sends a "start" accounting notice at the beginning of a process and a "stop" accounting notice at the end of a process.
|
|
aaa accounting system default start-stop group group-name
Example:
Router(config)# aaa accounting system default start-stop group radius
|
Creates a method list to provide accounting for all system-level events not associated with users.
- Sends a "start" accounting notice at the beginning of a process and a "stop" accounting notice at the end of a process.
|
|
aaa session-id common
Example:
Router(config)# aaa session-id common
|
Specifies that the same ID will be assigned for each AAA accounting service type within a call. |
|
radius-server attribute 6 on-for-login-auth
Example:
Router(config)# radius-server attribute 6 on-for-login-auth
|
Sends the Service-Type attribute in the authentication packets. |
|
radius-server attribute 8 include-in-access-req
Example:
Router(config)# radius-server attribute 8 include-in-access-req
|
Sends the IP address of a user to the RADIUS server in the access request. |
|
radius-server attribute 25 access-request include
Example:
Router(config)# radius-server attribute 25 access-request include
|
Sends an arbitrary value that the network access server includes in all accounting packets for the user if supplied by the RADIUS server. |
|
radius-server configure-nas
Example:
Router(config)# radius-server configure-nas
|
Configures the Cisco router or access server to query the vendor-proprietary RADIUS server for the static routes and IP pool definitions used throughout its domain when the device starts up. |
|
radius-server host ip-address auth-port port-number acct-port port-number key string
Example:
Router(config)# radius-server host 192.168.104.131 auth-port 1645 acct-port 1646 key string1
|
Specifies a RADIUS server host.
- Specifies the UDP destination port for authentication requests.
- Specifies the UDP destination port for accounting requests.
|
|
radius-server host ip-address auth-port port-number acct-port port-number key string
Example:
Router(config)# radius-server host 192.168.104.132 auth-port 1645 acct-port 1646 key string2
|
Specifies a RADIUS server host.
- Specifies the UDP destination port for authentication requests.
- Specifies the UDP destination port for accounting requests.
|
|
radius-server source-ports extended
Example:
Router(config)# radius-server source-ports extended
|
Enables 200 ports in the range from 21645 to 21844 to be used as the source ports for sending out RADIUS requests.
- Ports 1645 and 1646 are used as the source ports for RADIUS requests.
|
|
radius-server vsa send authentication
Example:
Router(config)# radius-server vsa send authentication
|
Configures the network access server (NAS) to recognize and use vendor-specific attributes (VSAs). |
|
exit
Example:
Router(config)# exit
|
Exits global configuration mode. |