SUMMARY STEPS
1.
enable
2.
configure terminal
3.
aaa new-model
4.
aaa group server radius group-name
5.
server-private ip-address [auth-port port-number | acct-port port-number ] [non-standard] [timeout
seconds ] [retransmit retries ] [ key string]
6.
aaa authentication login {default | list-name}
{
[passwd-expiry] method1 [method2...]
}
7.
aaa authorization network authorization-name group server-group name
8.
aaa authorization subscriber-service {default {cache | group | local} | list-name} method1 [method2...]
9.
aaa accounting
{
auth-proxy| system | network | exec | connection | commands level | dot1x
} { {
default
| list-name
} [
vrf vrf-name] {start-stop | stop-only | none} [broadcast] group group-name
10.
action-type {none | start-stop | stop-only}
11.
group { server-group}
12.
aaa accounting
{
auth-proxy | system | network | exec | connection | commands level | dot1x
} {
default
|list-name
} [
vrf vrf-name
]
{start-stop | stop-only | none} [broadcast] group group-name
DETAILED STEPS
Purpose
Command or Action
Enables the privileged EXEC mode.
enable
Step 1
Example:
Router# enable
Enter your password, if prompted.
Enters the global configuration mode.
configure terminal
Example:
Router# configure terminal
Step 2
Enables the AAA access control model.
aaa new-model
Example:
Router(config)# aaa new-model
Step 3
Groups different RADIUS server hosts into distinct
lists and methods.
aaa group server radius group-name
Example:
Router(config)# aaa group server radius AAA_SERVER_CAR
Step 4
Configures the IP address of the private RADIUS
server for the group server.
server-private ip-address [auth-port port-number | acct-port
port-number ] [non-standard] [timeout seconds ] [retransmit retries
] [ key string]
Step 5
Example:
Router(config-sg-radius)# server-private 5.3.1.76
auth-port 2145 acct-port 2146 key cisco
Intelligent Wireless Access Gateway Configuration Guide
OL-30226-03
9
Overview of the Intelligent Wireless Access Gateway
Configuring the iWAG for 3G Mobile IP Users