Cisco Systems XR Water System User Manual

Open as PDF

of 100

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

radius-server host

SR-42

Cisco IOS XR System Security Command Reference

Command History

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper

task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on

Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

You can use multiple radius-server host commands to specify multiple hosts. The

Cisco IOS XR software searches for hosts in the order in which you specify them.

If no host-specific timeout, retransmit, or key values are specified, the global values apply to each host

Task ID.

Examples The following example shows how to establish host1 as the RADIUS server and use default ports for

both accounting and authentication:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# radius-server host host1

The following example shows how to establish port 1612 as the destination port for authentication

requests and port 1616 as the destination port for accounting requests on the RADIUS host named host1:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# radius-server host host1 auth-port 1612 acct-port 1616

Because entering a line resets all the port numbers, you must specify a host and configure accounting

and authentication ports on a single line.

The following example shows how to establish the host with IP address 172.29.39.46 as the RADIUS

server, use ports 1612 and 1616 as the authorization and accounting ports, set the timeout value to 6, set

the retransmit value to 5, and set “rad123” as the encryption key, matching the key on the RADIUS

server:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# radius-server host 172.29.39.46 auth-port 1612 acct-port

1616 timeout 6 retransmit 5 key rad123

To use separate servers for accounting and authentication, use the zero port value as appropriate.

The following example shows how to establish that RADIUS server host1 be used for accounting but not

for authentication, and specify that RADIUS server host2 be used for authentication but not for

accounting:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# radius-server host host1.example.com auth-port 0

RP/0/RP0/CPU0:router(config)# radius-server host host2.example.com acct-port 0

Release Modification

Release 3.2 This command was introduced on the Cisco CRS-1 and

Cisco XR 12000 Series Router.

Release 3.3.0 No modification.

Task ID Operations

aaa read, write

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems XR Water System User Manual