Cisco 10000 Series Configuration Manual page 172

Router access network control protocol

Hide thumbs Also See for 10000 Series:

Configuration manual (854 pages)

Troubleshooting manual (70 pages)

Installation manual (14 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

page of 180

/ 180
Contents
Table of Contents
Bookmarks

Table of Contents

test aaa group

no aaa attribute clid

exit

! Associate the dnis user profile with the test aaa group command.

test aaa group radius user1 pass new-code profile prfl1

The following example shows the response from a load-balanced RADIUS server that is alive when the

username "test" does not match a user profile. The server is verified alive when it issues an

Access-Reject response to a AAA packet generated by the test aaa group command.

Router# test aaa group SG1 test lab new-code

00:06:07: RADIUS/ENCODE(00000000):Orig. component type = INVALID

00:06:07: RADIUS/ENCODE(00000000): dropping service type, "radius-server attribute 6

on-for-login-auth" is off

00:06:07: RADIUS(00000000): Config NAS IP: 192.0.2.4

00:06:07: RADIUS(00000000): sending

00:06:07: RADIUS/ENCODE: Best Local IP-Address 192.0.2.141 for Radius-Server 192.0.2.176

00:06:07: RADIUS(00000000): Send Access-Request to 192.0.2.176:1645 id 1645/1, len 50

00:06:07: RADIUS:

00:06:07: RADIUS: Received from id 1645/1 192.0.2.176:1645, Access-Reject, len 44

00:06:07: RADIUS:

00:06:07: RADIUS(00000000): Received from id 1645/1

00:06:07: RADIUS/DECODE: Reply-Message fragments, 22, total 22 bytes

Cisco 10000 Series Router

The following example shows the user attribute list that the RADIUS server returns when you issue the

test aaa command and authentication is successful:

Router# test aaa group radius viral viral new-code blocked no

AAA/SG/TEST: Sending 1 Access-Requests @ 10/sec, 0 Accounting-Requests @ 10/sec

CLI-1#

AAA/SG/TEST: Testing Status

AAA/SG/TEST:

AAA/SG/TEST: Testing Status

AAA/SG/TEST:

USER ATTRIBUTES

Cisco 10000 Series Router Access Network Control Protocol Configuration Guide

A-40

authenticator CA DB F4 9B 7B 66 C8 A9 - D1 99 4E 8E A4 46 99 B4

User-Password

[2]

User-Name

[1]

NAS-IP-Address

[4]

authenticator 2F 69 84 3E F0 4E F1 62 - AB B8 75 5B 38 82 49 C3

Reply-Message

[18]

41 75 74 68 65 6E 74 69 63 61 74 69 6F 6E 20 66

61 69 6C 75 72 65

Authen Requests to Send

Authen Requests Processed

Authen Requests Sent

Authen Requests Replied

Authen Requests Successful : 1

Authen Requests Failed

Authen Requests Error

Authen Response Received

Authen No Response Recevied: 0

Account Requests to Send

Account Requests Processed

Account Requests Sent

Account Requests Replied

Account Requests Successful : 0

Account Requests Failed

Account Requests Error

Account Response Received

Account No Response Recevied: 0

Chapter A

"test"

192.0.2.141

: 1

: 0

: 1

: 0

ANCP Command Reference

[Authentication ]

[failure]

OL-14660-03

Table of Contents

Cisco 10000 Series Configuration Manual page 172

Related Manuals for Cisco 10000 Series

Related Products for Cisco 10000 Series

Table of Contents