Filter
Top Products
Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software
server (RADIUS)
SR-53
Cisco IOS XR System Security Command Reference
When you use the optional keywords, the network access server identifies RADIUS security servers and
host instances associated with a group server based on their IP address and specific UDP port numbers.
The combination of the IP address and UDP port number creates a unique identifier, allowing different
ports to be individually defined as RADIUS host entries providing a specific AAA service. If two
different host entries on the same RADIUS server are configured for the same service, for example,
accounting, the second host entry configured acts as failover backup to the first one. Using this example,
if the first host entry fails to provide accounting services, the network access server will try the second
host entry configured on the same device for accounting services. (The RADIUS host entries are tried in
the order they are configured.)
Task ID
Examples The following example shows how to use two different host entries on the same RADIUS server that are
configured for the same services—authentication and accounting. The second host entry configured acts
as fail-over backup to the first one.
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# aaa group server radius group1
RP/0/RP0/CPU0:router(config-sg-radius)# server 1.1.1.1 auth-port 1645 acct-port 1646
RP/0/RP0/CPU0:router(config-sg-radius)# server 2.2.2.2 auth-port 2000 acct-port 2001
Related Commands
Task ID Operations
aaa read, write
Command Description
aaa group server radius Groups different RADIUSserver hostsinto distinct listsand distinct
methods.
deadtime (server-group
configuration)
Configures the deadtime value at the RADIUS server group level.
radius-server host Specifies a RADIUS server host.