Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Upstream Network Elements and Dynamic Authorization Targets (SRC CLI)

    Dynamic authorization targets are logical entities that represent the NAS device in upstream network elements. The SIC forwards COA/DM requests to dynamic authorization targets.

    Use the following statements to configure dynamic authorization targets:

    shared sic group identifier radius network-element id upstream dynamic-authorization-target target name {address address;priority priority;}
    shared sic group identifier radius network-element id upstream dynamic-authorization-target target name {secret secret;port port;}
    shared sic group identifier radius network-element id upstream dynamic-authorization-target {failover-mode (round-robin | primary-backup);}
    shared sic group identifier radius network-element id upstream dynamic-authorization-target failover-policy {priority priority;}
    shared sic group identifier radius network-element id upstream dynamic-authorization-target failover-policy retry {number number;timeout timeout;}
    shared sic group identifier radius network-element id upstream dynamic-authorization-target failover-policy fast-fail {minimum-number minimum-number;timeout timeout;reset-delay reset-delay;}

    To configure a dynamic authorization target:

    1. From configuration mode, access the statement that configures an upstream network element and dynamic authorization target. For example, to configure an upstream RADIUS network element called ne1 and dynamic authorization target called dat1 for the SIC group group1:
      [edit]user@host# edit shared sic group group1 radius network-element ne1 upstream dynamic-authorization-target target dat1
    2. Specify the IP address of the target.
      [edit shared sic group group1 radius network-element ne1 upstream dynamic-authorization-target target dat1]user@host# set address address
    3. Specify the priority of the target. Targets with lower priority values are selected before other targets in a failover policy.
      [edit shared sic group group1 radius network-element ne1 upstream dynamic-authorization-target target dat1]user@host# set priority priority
    4. Specify the shared secret used by the target.
      [edit shared sic group group1 radius network-element ne1 upstream dynamic-authorization-target target dat1]user@host# set secret secret
    5. (Optional) Specify the port used by the target to receive dynamic authorization messages.
      [edit shared sic group group1 radius network-element ne1 upstream dynamic-authorization-target target dat1]]user@host# set port port

    Published: 2014-06-19