Cisco OL-15491-01 User Manual
Page 141
A-141
Cisco Content Services Gateway - 2nd Generation Release 2.0 Installation and Configuration Guide
OL-15491-01
Appendix A CSG2 Command Reference
ip csg radius proxy
Defaults
The secret-string is stored in plain text.
The csg-source-address is set to csg-address.
If no VRF table is specified for the CSG2, the CSG2 uses the global routing table for RADIUS
communication.
If no VRF table is specified for the RADIUS server, the RADIUS server uses the global routing table for
RADIUS communication.
If no VRF table is specified for the subscriber, the subscriber uses the global routing table for RADIUS
communication.
Command Modes
Global configuration
Command History
Usage Guidelines
A message sent to the specified csg-address (and any port) is parsed and then forwarded to the specified
RADIUS server. When forwarded to the RADIUS server, the source IP address is the
csg-source-address.
The source port is arbitrarily chosen by the CSG2, and the destination port remains unchanged. When a
message is received from the network and forwarded to the subscriber, the source IP address is the
csg-address, and the source port remains unchanged. The source IP address and port are taken from the
destination IP address and port in the original message from the subscriber.
You can configure an optional RADIUS key. If you configure a key, the CSG2 parses and acts on the
message only if the RADIUS authenticator is correct. If the key is not configured, the CSG2 always
parses the message. Whether you configure a key or not, and whether it is correct or not, the CSG2
always forwards the message.
You can specify up to 64 RADIUS proxies.
Note
A RADIUS proxy that is configured with different values for the csg-address and csg-source-address
virtual server IP addresses consumes two RADIUS proxy resources, not just one. As a result, the
maximum number of RADIUS proxies is reduced by one for each RADIUS proxy configured with
different values for the virtual server IP addresses. In order to configure 64 RADIUS proxies, each
RADIUS proxy must be configured with the same IP address for csg-address and csg-source-address.
The virtual server IP address must still be different for each RADIUS proxy command.
Release
Modification
12.4(11)MD
This command was migrated from CSG1.
Changes from CSG1:
•
The name of this command changed from radius proxy to ip csg radius proxy.
•
The configuration mode for this command changed from module CSG
configuration to global configuration.
•
The vrf csg-vrf-name, vrf server-vrf-name, and vrf sub-vrf-name keywords and
arguments were added.
•
The table table-name keyword and argument were removed.