A Commands

This chapter describes the Cisco NX-OS TrustSec commands that begin with A.

aaa authentication cts default group

To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authentication, use the aaa authentication cts default group command. To remove a server group from the default AAA authentication server group list, use the no form of this command.

aaa authentication cts default group group-list

no aaa authentication cts default group group-list

 
Syntax Description

group-list

Space-separated list of RADIUS server groups that can include the following:

  • radius for all configured RADIUS servers.
  • Any configured RADIUS server group name.

The maximum number of names in the list is eight.

 
Command Default

None

 
Command Modes

Global configuration mode

 
Command History

Release
Modification

5.2(1)N1(1)

This command was introduced.

 
Usage Guidelines

To use this command, you must first enable the 802.1X feature by using the feature dot1x command and then enable the Cisco TrustSec feature using the feature cts command.

The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.

Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5500 Series NX-OS Security Command Reference for information on these commands.

If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.

This command does not require a license.

Examples

This example shows how to configure the default AAA authentication RADIUS server group for Cisco TrustSec:

switch# configure terminal
swtich(config)# aaa authentication cts default group RadGroup
swtich(config)#
 

 
Related Commands

Command
Description

aaa group server

Configures AAA server groups.

feature cts

Enables the Cisco TrustSec feature.

feature dot1x

Enables the 802.1X feature on the switch.

radius-server host

Configures RADIUS servers.

show aaa authentication

Displays the AAA authentication configuration.

show aaa groups

Displays the AAA server groups.

 

aaa authorization cts default group

To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authorization, use the aaa authorization cts default group command. To remove a server group from the default AAA authorization server group list, use the no form of this command.

aaa authorization cts default group group-list

no aaa authorization cts default group group-list

 
Syntax Description

group-list

Space-separated list of RADIUS server groups that can include the following:

  • radius for all configured RADIUS servers.
  • Any configured RADIUS server group name.

The maximum number of names in the list is eight.

 
Command Default

None

 
Command Modes

Global configuration mode

 
Command History

Release
Modification

5.2(1)N1(1)

This command was introduced.

 
Usage Guidelines

To use the aaa authorization cts default group command, you must enable the Cisco TrustSec feature using the feature cts command.

The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.

Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5500 Series NX-OS Security Command Reference for information on these commands.

If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.

This command does not require a license.

Examples

This example shows how to configure the default AAA authorization RADIUS server group for Cisco TrustSec:

switch# configure terminal
swtich(config)# aaa authorization cts default group RadGroup
swtich(config)#
 

 
Related Commands

Command
Description

feature cts

Enables the Cisco TrustSec feature.

show aaa authorization

Displays the AAA authorization configuration.

show aaa groups

Displays the AAA server groups.