Chapter 28 AAA Server

 

 

 

 

Table 112 aaa group server radius Commands (continued)

 

COMMAND

 

DESCRIPTION

 

[no] aaa group server radius

Sets a descriptive name for the RADIUS server group.

 

group-name

 

The no command deletes the specified server group.

 

aaa group server radius rename

Changes the descriptive name for a RADIUS server

 

{group-name-old}group-name-new

group.

 

aaa group server radius group-name

Enter the sub-command mode.

 

[no] server description

Sets the descriptive information for the RADIUS server

 

description

 

group. You can use up to 60 printable ASCII

 

 

 

characters. The no command clears the setting.

 

[no] server group-attribute

Sets the value of an attribute that the NXC is used to

 

<1-255>

 

determine to which group a user belongs.

 

 

 

This attribute’s value is called a group identifier. You

 

 

 

can add ext-group-useruser objects to identify

 

 

 

groups based on different group identifier values.

 

 

 

For example, you could configure attributes 1,10 and

 

 

 

100 and create a ext-group-useruser object for each

 

 

 

of them. The no command clears the setting.

 

[no] server host

Enter the IP address (in dotted decimal notation) or

 

radius_server auth-portport

domain name and authentication port of a RADIUS

 

 

 

server to add to this server group. The no command

 

 

 

clears this setting.

 

[no] server key secret

Sets a password (up to 15 alphanumeric characters)

 

 

 

as the key to be shared between the RADIUS

 

 

 

server(s) and the NXC. The no command clears this

 

 

 

setting.

 

[no] server timeout time

Sets the search timeout period (in seconds). Enter a

 

 

 

number between 1 and 300. The no command clears

 

 

 

this setting and set this to the default setting of 5

 

 

 

seconds.

 

 

 

 

[no] server acct-address

Enter the IP address (in dotted decimal notation) or

 

radius_server acct-portport

domain name and authentication port of the RADIUS

 

 

 

accounting server to add to this server group. The no

 

 

 

command clears this setting.

 

[no] server acct-secret key

Enter the key (up to 15 alphanumeric characters) to

 

 

 

share between the external accounting server and the

 

 

 

NXC. The key is not sent over the network. This key

 

 

 

must be the same on the external accounting server

 

 

 

and the NXC. The no command clears this setting.

 

[no] server acct-interim-

Specifies the interval (in minutes) at which the NXC

 

interval <1..1440>

sends subscriber status updates to the RADIUS

 

 

 

server. The no command clears this setting.

 

[no] server acct-retry-count

Sets the number of times the NXC reattempts to use

 

<retry_times>

 

the primary RADIUS server before attempting to use

 

 

 

the secondary RADIUS server. This also sets how

 

 

 

many times the NXC attempts to use the secondary

 

 

 

RADIUS server. The no command clears this setting.

 

[no] server nas-id

Specifies the Network Access Server identifier attribute

 

nas_identifier

>

value if the RADIUS server requires it. The no

 

<

command clears this setting.

 

 

 

 

 

 

 

 

191

NXC CLI Reference Guide