The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco NX-OS TrustSec commands that begin with A.
To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authentication, use the aaa authentication cts default group command. To remove a server group from the default AAA authentication server group list, use the no form of this command.
aaa authentication cts default group group-list
no aaa authentication cts default group group-list
Space-separated list of RADIUS server groups that can include the following: |
|
|
To use this command, you must first enable the 802.1X feature by using the feature dot1x command and then enable the Cisco TrustSec feature using the feature cts command.
The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5500 Series NX-OS Security Command Reference for information on these commands.
If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.
This example shows how to configure the default AAA authentication RADIUS server group for Cisco TrustSec:
|
|
---|---|
To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authorization, use the aaa authorization cts default group command. To remove a server group from the default AAA authorization server group list, use the no form of this command.
aaa authorization cts default group group-list
no aaa authorization cts default group group-list
Space-separated list of RADIUS server groups that can include the following: |
|
|
To use the aaa authorization cts default group command, you must enable the Cisco TrustSec feature using the feature cts command.
The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5500 Series NX-OS Security Command Reference for information on these commands.
If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.
This example shows how to configure the default AAA authorization RADIUS server group for Cisco TrustSec:
|
|
---|---|