Table of Contents
Advertisement
Chapter 7
Configuring RADIUS Servers
Defining AAA Server Groups
You can configure the access point to use AAA server groups to group existing server hosts for
authentication. You select a subset of the configured server hosts and use them for a particular service.
The server group is used with a global server-host list, which lists the IP addresses of the selected server
hosts.
Server groups also can include multiple host entries for the same server if each entry has a unique
identifier (the combination of the IP address and UDP port number), allowing different ports to be
individually defined as RADIUS hosts providing a specific AAA service. If you configure two different
host entries on the same RADIUS server for the same service (such as accounting), the second
configured host entry acts as a fail-over backup to the first one.
You use the server group server configuration command to associate a particular server with a defined
group server. You can either identify the server by its IP address or identify multiple host instances or
entries by using the optional auth-port and acct-port keywords.
Beginning in privileged EXEC mode, follow these steps to define the AAA server group and associate a
particular RADIUS server with it:
Command
Step 1
configure terminal
Step 2
aaa new-model
OL-6415-04
Purpose
Enter global configuration mode.
Enable AAA.
Cisco Wireless ISR and HWIC Access Point Configuration Guide
Configuring and Enabling RADIUS
7-9
Advertisement
Table of Contents
