Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Stripping Domain Name Per Virtual Router for RADIUS Server Authentication

    This example illustrates the final username for a subscriber, based on the virtual router applied.

    1. Configure the five virtual routers.
      host(config)#profile VR1 host(config-profile)#ppp authentication virtual-router vr1 pap chap host(config-profile)#exit host(config)#profile VR2 host(config-profile)#ppp authentication virtual-router vr2 pap chap host(config-profile)#exit host(config)#profile VR3 host(config-profile)#ppp authentication virtual-router vr3 pap chap host(config-profile)#exit host(config)#profile VR4 host(config-profile)#ppp authentication virtual-router vr4 pap chap host(config-profile)#exit host(config)#profile VR5 host(config-profile)#ppp authentication virtual-router vr2 pap chap host(config-profile)#exit
    2. Access the context of a previously created virtual router and enable the strip domain functionality for each virtual router.
      host(config)#virtual-router vr1 host:vr1(config)#aaa strip-domain enable host:vr1(config)#aaa strip-domain delimiter domainName $ host:vr1(config)#aaa strip-domain parse-direction domainName left-to-right host:vr1(config)#radius authentication server 10.209.154.193 host:vr1(config)#key bras host:vr1(config)#exit host:vr1(config)#radius accounting server 10.209.154.193 host:vr1(config-radius)#key bras host:vr1(config-radius)#exit host:vr1(config)#virtual-router vr2 host:vr2(config)#aaa strip-domain enable host:vr2(config)#aaa strip-domain parse-direction domainName left-to-right host:vr2(config)#radius authentication server 10.209.154.194 host:vr2(config-radius)#key bras host:vr2(config-radius)#exit host:vr2(config)#radius accounting server 10.209.154.194 host:vr2(config-radius)#key bras host:vr2(config-radius)#exit host:vr2(config)#virtual-router vr3 host:vr3(config)#radius authentication server 10.209.154.193 host:vr3(config-radius)#key bras host:vr3(config-radius)#exit host:vr3(config)#radius accounting server 10.209.154.193 host:vr3(config-radius)#key bras host:vr3(config-radius)#exit host:vr3(config)#virtual-router vr4 host:vr4(config)#aaa strip-domain enable host:vr4(config)#aaa strip-domain delimiter domainName % host:vr4(config)#radius authentication server 10.209.154.194 host:vr4(config-radius)#key bras host:vr4(config-radius)#exit host:vr4(config)#radius accounting server 10.209.154.195 host:vr4(config-radius)#key bras host:vr4(config-radius)#exit host:vr4(config)#virtual-router vr5 host:vr5(config)#aaa strip-domain enable host:vr5(config)#radius authentication server 10.209.154.193 host:vr5(config-radius)#key bras host:vr5(config-radius)#exit host:vr5(config)#radius accounting server 10.209.154.192 host:vr5(config-radius)#key bras host:vr5(config-radius)#exit

    Based on the configurations of the virtual routers, Table 1 lists the final username that is sent to the RADIUS server for RADIUS authentication and accounting for each virtual router.

    Note:

    • The output of the show subscribers command does not display the final username of the subscriber. It displays the complete username, including the domain name (if available), of the subscriber for all virtual routers regardless of the status of the strip domain feature.
    • When you execute the show subscribers and logout subscribers commands with the username keyword, you must specify the complete username, including the domain name (if available), of the subscriber regardless of the status of the strip domain feature on a virtual router or AAA domain map.

    Table 1: aaa strip-domain Example

    Subscribers

    Virtual Router Applied

    Final User Name

    user1@123.com$test

    vr1

    user1@123.com

    user2@123.com$test

    vr2

    user2

    user3@123.com$test

    vr3

    user3@123.com$test

    user4@123.com%test

    vr4

    user4@123.com

    user5@123.com@test$test

    vr5

    user5@123.com

    Published: 2014-08-20