Home
Support
Product Support
Optical Networking
Cisco Network Convergence System 1000 Series
Configuration Guides

System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

How do server groups affect AAA method-list behavior?
What should be verified after configuring TACACS+ or RADIUS groups?
Why are type 7 passwords and type 5 secrets deprecated?

View all Saved Content

PDF

Is this content helpful?

Helpful Unhelpful

Suggestions for Improvement

Thank you for your feedback. Your response has been recorded.

Ask about this content

System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

How do server groups affect AAA method-list behavior?
What should be verified after configuring TACACS+ or RADIUS groups?
Why are type 7 passwords and type 5 secrets deprecated?

Expand all sections

About this content

Cisco NCS 1010 optical line system

Cisco NCS 1010 chassis and line cards
Cisco NCS 1000 passive modules

Software setup fundamentals

Types of software releases for Cisco NCS 1010
Downloadable software files for Cisco NCS 1010
Command modes for Cisco NCS 1010

Setup procedures

Pre-setup requirements for Cisco NCS 1010
Cisco NCS 1010 setup workflow
Cisco NCS 1010 software and hardware verification
Cisco NCS 1010 post-setup tasks

TACACS+ and RADIUS configuration

TACACS+ and RADIUS configuration details
Deprecation of type 7 password and type 5 secret
TACACS+ protocol
Configure TACACS+ server
Configure and verify TACACS+ server groups
RADIUS protocol
Configure and verify RADIUS server groups

Setup and upgrade workflow

NCS 1010 upgrade
Software and firmware compatibility matrix
Software upgrade plan
Back up the current configuration
Field programmable devices
System stability checks
Install file sources
Download install files from Cisco Software Center
Software upgrade methods
Data model software upgrade method
Software upgrade verification

Classic ZTP deployment

DHCP configuration
Provision Cisco NCS 1010 using DHCP-based ZTP fresh boot

Software maintenance

Install additional RPMs and bug fixes
Downgrade software version
Telemetry sensor paths for install operations

Setup and upgrade troubleshooting

NCS 1010 boot failure recovery
Recover password
Resolve insufficient disk space during software installation
Recover frozen console prompt

Disaster recovery

Disaster recovery partitions
CPU replacement considerations
Backup ISO image health check
Automated file management behavior

BGP configuration

BGP routing

CDP configurations

CDP support on Cisco NCS 1010

Daisy chain topology

Daisy chain topology
Configure daisy chain on management ports
Verify daisy chain
Enable storm control on TOR switch
Disable DAD on the management port

Access control lists

Access control lists
How access control lists work
Apply ACLs
ACL configuration procedures

Remote node management

Remote node management details for NCS 1010
Remote node management with OSC
Remote node management prerequisites
DHCP relay configuration for OLT node
Loopback IP address for OSC interface
OSPF neighbor discovery
ILA node configuration
OLT node configuration

Remote console connection workflow

Remote console connection details
Remote console connection support for Cisco NCS 1010
Find the MAC address of all the nodes
Connect to a remote node

Automated file management

Automated file management behavior

Audit log storage and monitoring

Audit logging and monitoring details
Audit logs
How audit logging works
Guideline: Use audit logging
Note: Review audit log storage behavior
Configure audit logging

Process memory management

Process memory management details
Core dump folders

RADIUS protocol

Updated: June 17, 2026

Want to summarize with AI?

On this page

Details

This section explains RADIUS for Cisco NCS 1010. Use it to understand the feature behavior, requirements, and setup context before you configure or verify AAA, RADIUS, and TACACS+ configuration.

Remote Authentication Dial-In User Service (RADIUS) is a distributed client/server system that provides security against unauthorized access in distributed client/server networks. In Cisco's implementation, RADIUS clients operate on Cisco NCS 1010 and send requests for authentication and accounting to a central RADIUS server that contains all user authentication and network service access information.

Details

Cisco's AAA security paradigm supports RADIUS, which can be used alongside other security protocols like TACACS+, Kerberos, and local username lookup.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.