Previous Next Table of Contents

30. How is Radius configured?

Configuring RADIUS on a cisco is a three step process:

  1. Configure the parameters for communicating between the cisco and your radius server, using the "radius-server" command.
            radius-server host "ipaddress"
            radius-server key "secret"
    
  2. Configure cisco's AAA layer to use RADIUS in appropriate method-lists
            AAA authentication login use-radius radius
            AAA authentication PPP use-radius if-needed radius
            ! exec authorization does per-user services after ascii login
            AAA authorization exec radius if-authenticated
            ! network authorization permits per-user access lists for PPP/etc
            AAA authorization network radius if-authenticated
            ! Accounting is optional
            AAA accounting exec start-stop radius
            AAA accounting network start-stop radius
    
  3. Configure interfaces and lines to use the appropriate AAA methods. You can avoid this somewhat by using "default" as the method name during (2)
            line 1 16
            login authentication use-radius
            autoselect PPP
            autoselect during-login
            !
            interface group-async 1
            ppp authentication chap use-radius
    


Previous Next Table of Contents