|
Command or Action |
Purpose |
|
enable
Example:
Router> enable
|
Enables privileged EXEC mode.
-
Enter your password if prompted.
|
|
configure terminal
Example:
Router# configure terminal
|
Enters global configuration mode. |
|
service dhcp
Example:
Router(config)# service dhcp
|
Enables DHCP server and relay agent features on the router.
-
By default, these features are enabled on the router.
|
|
aaa new-model
Example:
Router(config)# aaa new-model
|
Enables the AAA access control system. |
|
aaa group server radius group-name
Example:
Router(config)# aaa group server radius group1
|
Specifies the name of the server host list to group RADIUS server hosts, and enters server-group configuration mode.
-
group-name --Character string to name the server group. The following words cannot be used as the group name:
-
auth-guest
-
enable
-
guest
-
if-authenticated
-
if-needed
-
krb5
-
krb-instance
-
krb-telnet
-
line
-
local
-
none
-
radius
-
rcmd
-
tacacs
-
tacacsplus
|
|
server ip-address [auth-port port-number] [acct-port port-number]
Example:
Router(config-sg-radius)# server 10.1.1.1 auth-port 1700 acct-port 1701
|
Specifies the IP address of the RADIUS server host for the defined server group.
|
|
exit
Example:
Router(config-sg-radius)# exit
|
Exits server-group configuration mode. |
|
aaa authorization network method-list-name group group-name
Example:
Router(config)# aaa authorization network auth1 group group1
|
Specifies the methods list and server group for DHCP authorization.
-
method-list-name --Character string to name the authorization methods list.
-
group --Specifies a server group.
-
group-name --Name of the server group to apply to DHCP authorization.
|
|
aaa accounting network method-list-name start-stop group group-name
Example:
Router(config)# aaa accounting network acct1 start-stop group group1
|
Specifies that AAA accounting runs for all network service requests.
-
method-list-name --Character string to name the accounting methods list.
-
start-stop --Sends a start accounting notice at the beginning of a process and a stop accounting notice at the end of a process. The start accounting record is sent in the background. The requested user process begins regardless of whether or not the start accounting notice is received by the accounting server.
-
group --Specifies a server group.
-
group-name --Name of the server group to apply to DHCP accounting.
|
|
interface type slot / subslot / port [. subinterface]
Example:
Router(config)# interface ethernet 1/10/0.0
|
Configures an interface or subinterface that allows the DHCP client to obtain an IP address from the DHCP server, and enters subinterface configuration mode. |
|
encapsulation dot1q vlan-id second-dot1q {any | vlan-id [, vlan-id [- vlan-id]]}
Example:
Router(config-subif)# encapsulation dot1q 100 second-dot1q 200
|
(Optional) Enables IEEE 802.1Q encapsulation of traffic on a subinterface in a VLAN.
-
vlan-id --VLAN ID, integer in the range 1 to 4094. To separate the starting and ending VLAN ID values that are used to define a range of VLAN IDs, enter a hyphen. (Optional) To separate each VLAN ID range from the next range, enter a comma.
-
second-dot1q --Supports the IEEE 802.1Q-in-Q VLAN Tag Termination feature to configure an inner VLAN ID.
-
any --Any second tag in the range 1 to 4094.
|
|
ip address address mask
Example:
Router(config-subif)# ip address 192.168.1.1 255.255.255.0
|
Specifies an IP address for an interface or subinterface.
-
address is the IP address of the interface or subinterface.
-
mask is the subnet address for the IP address.
|
|
no shutdown
Example:
Router(config-subif)# no shutdown
|
Enables the interface or subinterface. |
|
exit
Example:
Router(config-subif)# exit
|
Exits subinterface configuration mode and enters global configuration mode. |
|
radius-server host ip-address [auth-port port-number] [acct-port port-number]
Example:
Router(config)# radius-server host 10.1.1.1
|
Specifies a RADIUS server host.
-
ip-address is the IP address of the RADIUS server host.
-
auth-port port-number-- (Optional) Specifies the UDP destination port for authentication requests. Default value is 1645.
-
acct-port port-number-- (Optional) Specifies the UDP destination port for accounting requests. Default value is 1646.
|
|
radius-server key {0 string | 7 string | string}
Example:
Router(config)# radius-server key string1
|
Specifies the authentication and encryption key for all RADIUS communications between the router and the RADIUS daemon.
-
0 string-- Specifies an unencrypted (cleartext) shared key
-
7 string -- Specifies a hidden shared key.
Note |
Any key you enter must match the key on the RADIUS daemon. All leading spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in your key, do not enclose the key in quotation marks unless the quotation marks are part of the key. |
|
|
exit
Example:
Router(config)# exit
|
Exits global configuration mode. |