[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Configuration Example
In this example, the administrator wants to restrict
access of a PPP interface to the specific domain abc.com.
- Create an AAA profile.
- host1(config)#aaa profile restrictToABC
- Specify the domain name you want to allow.
- host1(config-aaa-profile)#allow abc.com
- Specify the domain name you want to restrict.
- host1(config-aaa-profile)#deny default
- Associate the AAA profile to the designated PPP interface.
- host1(config-if)#ppp aaa-profile restrictToABC
When configured as such, the following is a likely
scenario:
- PPP passes the AAA profile restrictToABC to AAA in the authentication request.
- AAA performs the following:
- Receives the authentication request from PPP with the
subscriber’s name will@xyz.com.
- Parses the domain name xyz.com and examines the specified AAA profile restrictToABC.
- Determines that the AAA profile restrictToABC is valid.
- Searches restrictToABC for
a match on the PPP subscriber’s domain name and finds no match.
- Searches restrictToABC for
a match on the domain name default.
- Finds a match and denies the user access.
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
