Cisco Systems OL-15491-01 ip csg radius endpoint

A-117

Cisco Content Services Gateway - 2nd Generation Release 2.0 Installation and Configuration Guide

OL-15491-01

AppendixA CSG2 Command Reference

ip csg radius endpoint

ip csg radius endpoint

To identify the CSG2 as an endpoint for RADIUS Accounting messages, use the ip csg radius endpoint

command in global configuration mode. To remove the endpoint identification, use the no form of this

command.

ip csg radius endpoint [vrf csg-vrf-name] csg-address key [encrypt] secret-string

[vrf sub-vrf-name]

no ip csg radius endpoint [vrf csg-vrf-name] csg-address

Syntax Description vrf csg-vrf-name (Optional) Virtual Routing and Forwarding (VRF) table which the CSG2 IP

address is to use for RADIUS communication.

csg-address Specifies the CSG2 IP address.

The CSG2 IP address must be a virtual IP address, and it must be unique (or the

IP address-VRF name combination must be unique, if VRF is configured). The

CSG2 IP address (or the IP address-VRF name combination) must not be

specified in other CSG2 commands, and it must not match any real IP address,

virtual IP address, or alias IP address (or IP address-VRF name combination)

configured on the CSG2.

If you want the CSG2 RADIUS endpoint IP address to be a member of a CSG2

interface subnet, you must configure the CSG2 IP address as follows:

•In non-redundant configurations, you must configure the CSG2 IP address

as a secondary IP address configured on the appropriate interface.

•In redundant configurations, you must configure the CSG2 IP address as a

standby secondary IP address on the appropriate interface.

Note The CSG2 performs radius endpoint processing only on User Datagram

Protocol (UDP) traffic that is destined for the server IP address. The

server IP address cannot be used for any other UDP communication with

the CSG2.

key Specifies a RADIUS key.

encrypt (Optional) Indicates how the secret-string is represented when the configuration

is displayed (for example, show run), or how it is written to nonvolatile memory

(for example, write memory).

The valid values are:

•0—The secret-string is stored in plain text. This is the default setting.

•7—The secret-string is encrypted before it is displayed or written to

nonvolatile memory.

Note If your router is configured to encrypt all passwords, then the password

is represented as 7 followed by the encrypted text. See the Cisco IOS

service command for more details.