beautypg.com

Ip csg radius pod nas – Cisco OL-15491-01 User Manual

Page 136

background image

A-136

Cisco Content Services Gateway - 2nd Generation Release 2.0 Installation and Configuration Guide

OL-15491-01

Appendix A CSG2 Command Reference

ip csg radius pod nas

ip csg radius pod nas

To specify the Network Access Server (NAS) port to which the CSG2 is to send the Packet of Disconnect
(PoD) message, and to specify the key to use in calculating the Authenticator, use the ip csg radius pod
nas
command in global configuration mode. To restore the default settings, use the no form of this
command.

ip csg radius pod nas [vrf vrf-name] [start-ip end-ip] port key [encrypt] secret-string

no ip csg radius pod nas [vrf vrf-name] [start-ip end-ip] port key [encrypt] secret-string

Syntax Description

Defaults

The secret-string is stored in plain text.
If no VRF table is specified, the CSG2 uses the global routing table for RADIUS communication.

vrf vrf-name

(Optional) Virtual Routing and Forwarding (VRF) table which the CSG2 is to use
for RADIUS communication.

Note

The VRF table name is defined using the vrf definition command in global
configuration mode. VRF table names supported by the CSG2 can be from
1 to 32 characters long, and can include uppercase or lowercase letters,
numbers, and any special characters.

The CSG2 does not support the use of the word forwarding as a valid VRF
name.

start-ip

(Optional) Specifies the first NAS IP address in a range of addresses.

end-ip

(Optional) Specifies the last NAS IP address in a range of addresses.

port

Specifies the NAS port number to which the PoD message is sent.

key

Specifies a RADIUS key.

encrypt

(Optional) Indicates how the secret-string is represented when the configuration is
displayed (for example, show run), or how it is written to nonvolatile memory (for
example, write memory).

The possible values are 0 and 7:

0—The secret-string is stored in plain text. This is the default setting.

7—The secret-string is encrypted before it is displayed or written to nonvolatile
memory.

Note

If your router is configured to encrypt all passwords, then the password is
represented as 7 followed by the encrypted text. See the Cisco IOS service
command for more details.

secret-string

1- to 64-character clear password value for MD5 authentication. All characters are
valid; case is significant.

The secret-string is always sent in plain text to the CSG2 module when the
configuration is downloaded.

The secret-string must match the secret that is specified on the RADIUS client (for
example, the gateway general packet radio service [GPRS] support node [GGSN]).