Network Services - Cisco 1941W Configuration Manual
Cisco 3900 series, cisco 2900 series,
cisco 1900 series
Hide thumbs
Also See for 1941W:
- Hardware installation manual (102 pages) ,
- Installing and upgrading (24 pages)
Table of Contents
Advertisement
Chapter
Administering the Wireless Device
Command
Step 6
end
Step 7
show running-config
Step 8
copy running-config startup-config
Step 9
aaa authorization exec radius
To remove the specified RADIUS server, use the no radius-server host hostname | ip-address command
in global configuration mode. To remove a server group from the configuration list, use the no aaa group
server radius group-name command in global configuration mode. To remove the IP address of a
RADIUS server, use the no server ip-address command in sg-radius configuration mode.
In the following is example, the wireless device is configured to recognize two different RADIUS group
servers (group1 and group2). Group1 has two different host entries on the same RADIUS server which
are configured for the same services. The second host entry acts as a failover backup to the first entry.
AP(config)# aaa new-model
AP(config)# radius-server host 172.20.0.1 auth-port 1000 acct-port 1001
AP(config)# radius-server host 172.10.0.1 auth-port 1645 acct-port 1646
AP(config)# aaa group server radius group1
AP(config-sg-radius)# server 172.20.0.1 auth-port 1000 acct-port 1001
AP(config-sg-radius)# exit
AP(config)# aaa group server radius group2
AP(config-sg-radius)# server 172.20.0.1 auth-port 2000 acct-port 2001
AP(config-sg-radius)# exit
Configuring RADIUS Authorization for User Privileged Access and
Network Services
AAA authorization limits the services that are available to a user. When AAA authorization is enabled,
the wireless device uses information retrieved from the user's profile, which is in the local user database
or on the security server, to configure the user session. The user is granted access to a requested service
only if the user profile allows it.
You can use the aaa authorization command in global configuration mode with the radius keyword to
set parameters that restrict a user's network access to privileged EXEC mode.
The aaa authorization exec radius command sets these authorization parameters:
•
•
Authorization is bypassed for authenticated users who log in through the CLI even if authorization has
Note
been configured.
Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
Purpose
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Enables RADIUS login authentication. See the
Login Authentication" section of the "Configuring Radius and TACACS+
Servers"
Cisco Aironet Access
Use RADIUS for privileged EXEC access authorization if authentication was performed by using
RADIUS.
Use the local database if authentication was not performed by using RADIUS.
Controlling Access Point Access with RADIUS
chapter in
Cisco IOS Software Configuration Guide for
Points.
"Configuring RADIUS
309
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
