Manualshelf

Manual

ManualsBrandsCisco ManualsSoftwareCisco IOS Software Release 12.3(11)T
51525354555657585960
Cisco Packet Data Serving Node (PDSN) Release 2.0
Configuration Tasks
56
12.3(11)T
To configure AAA in the PDSN environment, use the following commands in global configuration
mode:
Configuring RADIUS in the PDSN Environment
RADIUS is a method for defining the exchange of AAA information in the network. In the Cisco
implementation, RADIUS clients run on Cisco routers and send authentication requests to a RADIUS
server that contains all user authentication and network server access information. For detailed
information about RADIUS configuration options, refer to the “Configuring RADIUS” chapter in the
Cisco IOS Security Configuration Guide.
To configure RADIUS in the PDSN environment, use the following commands in global configuration
mode:
Command Purpose
Router(config)# aaa new-model
Enables AAA access control.
Router(config)# aaa authentication ppp default
group radius
Enables authentication of PPP users using RADIUS.
Router(config)# aaa authorization configuration default
group radius
Enables Network Access Identifier (NAI) construction
in the absence of CHAP.
Router(config)# aaa authorization config-commands
Re-establishes the default created when the aaa
authorization commands level method1 command
was issued.
Router(config)# aaa authorization network if-authenticated
default group radius
Restricts network access to a user. Runs authorization
for all network-related service requests. Uses the
group radius authorization method as the default
method for authorization.
Router(config)# aaa accounting update periodic minutes
Enables an interim accounting record to be sent
periodically to the accounting server. The
recommended period of time is 60 minutes.
Router(config)# aaa accounting network pdsn start-stop
group radius
Enables AAA accounting of requested services for
billing or security purposes when you use RADIUS.
Command Purpose
Router(config)# radius-server host ip-addr key
sharedsecret
Specifies the IP address of the RADIUS server host
and specifies the shared secret text string used between
the router and the RADIUS server.
Router(config)# radius-server vsa send accounting 3gpp2
Enables the use of vendor-specific attributes (VSA) as
defined by RADIUS IETF attribute 26. Limits the set
of recognized vendor-specific attributes to only
accounting attributes.
Router(config)# radius-server vsa send authentication
3gpp2
Enables the use of vendor-specific attributes (VSA) as
defined by RADIUS IETF attribute 26. Limits the set
of recognized vendor-specific attributes to only
authentication attributes.
Router(config)# radius-server attribute 55
include-in-acct-req
Enables sending G4 (Event Time) Accounting-Start
from PDSN.