Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring AAA Policies (SRC CLI)

    Tasks to configure AAA policies are:

    Configuring AAA Policy Lists

    To configure AAA policy lists:

    1. From configuration mode, create a policy list. For example, to create a policy list called l1 within a policy group called tiered_aaa:
      user@host# edit policies group tiered_aaa list l1
    2. Specify the type of policy list.
      [edit policies group tiered_aaa list l1] user@host# set role aaa
    3. Specify where the policy is applied on the device.
      [edit policies group tiered_aaa list l1] user@host# set applicability both

    Configuring AAA Policy Rules

    To configure AAA policy rules:

    1. From configuration mode, create a policy rule inside a policy list that has already been created and configured. For example, to create a policy rule called r1 within policy list l1:
      user@host# edit policies group tiered_aaa list l1 rule r1
    2. Specify the type of policy rule.
      [edit policies group tiered_aaa list l1 rule r1] user@host# set type aaa

    Configuring Template Activation Actions

    Use this action to activate service templates for RADIUS-enabled devices. You can configure template activation actions for AAA policy rules.

    The template name and parameters are listed in the SIC service templates.

    Note: We recommend that the user_ipMask and user_ipAddress runtime parameters be avoided for activate-on-login services.

    Use the following configuration statements to configure a template activation action:

    policies group name list name rule name template-activation name { template-name template-name;description description;}
    policies group name list name rule name template-activation name variables name { value value;type type;}

    To configure a template activation action:

    1. From configuration mode, enter the template activation action configuration. For example, in this procedure, ta is the name of the template activation action.
      user@host# edit policies group tiered_aaa list l1 rule r1 template-activation ta
    2. Enter the template name to activate.
      [edit policies group tiered_aaa list l1 rule r1 template-activation ta] user@host# set template-name template-name
    3. (Optional) Enter a description for the template activation action.
      [edit policies group tiered_aaa list l1 rule r1 template-activation ta] user@host# set description description
    4. From configuration mode, enter the parameters used by the template.
      user@host# edit policies group tiered_aaa list l1 rule r1 template-activation ta variables name

      For example:

      user@host# edit policies group tiered_aaa list l1 rule r1 template-activation ta variables upstreamBandwidth
    5. (Optional) Configure the value for the variable.
      [edit policies group tiered_aaa list l1 rule r1 template-activation ta variables name] user@host# set value value

      For example:

      [edit policies group tiered_aaa list l1 rule r1 template-activation ta variables upstreamBandwidth] user@host# set value rateParameter
    6. (Optional) Configure the variable type. Variable types are mapped to parameter types.
      [edit policies group tiered_aaa list l1 rule r1 template-activation ta variables name] user@host# set type type

      For example:

      [edit policies group tiered_aaa list l1 rule r1 template-activation ta variables upstreamBandwidth] user@host# set type rate

    Modified: 2016-05-19