Cisco Systems 78-11741-02 manual Home Agent Using AAA Server Example, IPC-177

Configuring Mobile IP

Mobile IP Configuration Examples

!

!The next ten lines specify security associations for mobile hosts

!on virtual network 10.0.0.0

!

ip mobile secure host 10.0.0.1 spi 100 key hex 12345678123456781234567812345678 ip mobile secure host 10.0.0.2 spi 200 key hex 87654321876543218765432187654321 ip mobile secure host 10.0.0.3 spi 300 key hex 31323334353637383930313233343536 ip mobile secure host 10.0.0.4 spi 100 key hex 45678332353637383930313233343536 ip mobile secure host 10.0.0.5 spi 200 key hex 33343536313233343536373839303132 ip mobile secure host 10.0.0.6 spi 300 key hex 73839303313233343536313233343536 ip mobile secure host 10.0.0.7 spi 100 key hex 83930313233343536313233343536373 ip mobile secure host 10.0.0.8 spi 200 key hex 43536373839313233330313233343536 ip mobile secure host 10.0.0.9 spi 300 key hex 23334353631323334353637383930313 ip mobile secure host 10.0.0.10 spi 100 key hex 63738393132333435330313233343536

!

!The next five lines specify security associations for mobile hosts

!on Ethernet1

Home Agent Using AAA Server Example

In the following AAA server configuration, the home agent can use a AAA server for storing security associations. Mobile IP has been authorized using a RADIUS server to retrieve the security association information, which is used by the home agent to authenticate registrations. This format can be imported into a CiscoSecure server.

user = 20.0.0.1 {

In the example above, the user is the mobile node’s IP address. The syntax for the security association is spi#num = "string", where string is the rest of the ip mobile secure {host visitor home-agent foreign-agent} key hex string command.

The following example shows how the home agent is configured to use the AAA server:

Cisco IOS IP Configuration Guide

IPC-177