Feedback
Table Of Contents
aaa authentication cts default group
aaa authorization cts default group
A Commands
This chapter describes the Cisco NX-OS TrustSec commands that begin with A.
aaa authentication cts default group
To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authentication, use the aaa authentication cts default group command. To remove a server group from the default AAA authentication server group list, use the no form of this command.
aaa authentication cts default group group-list
no aaa authentication cts default group group-list
Syntax Description
Command Default
None
Command Modes
Global configuration mode
Command History
Usage Guidelines
To use this command, you must first enable the 802.1X feature by using the feature dot1x command and then enable the Cisco TrustSec feature using the feature cts command.
The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5000 Series NX-OS Security Command Reference for information on these commands.
If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.
This command does not require a license.
Examples
This example shows how to configure the default AAA authentication RADIUS server group for Cisco TrustSec:
switch# configure terminalswtich(config)# aaa authentication cts default group RadGroupswtich(config)#Related Commands
aaa authorization cts default group
To configure the default authentication, authorization, and accounting (AAA) RADIUS server groups for Cisco TrustSec authorization, use the aaa authorization cts default group command. To remove a server group from the default AAA authorization server group list, use the no form of this command.
aaa authorization cts default group group-list
no aaa authorization cts default group group-list
Syntax Description
Command Default
None
Command Modes
Global configuration mode
Command History
Usage Guidelines
To use the aaa authorization cts default group command, you must enable the Cisco TrustSec feature using the feature cts command.
The group-list refers to a set of previously defined RADIUS servers. Use the radius-server host command to configure the host servers. Use the aaa group server command to create a named group of servers.
Use the show aaa groups command to display the RADIUS server groups on the device. See the Cisco Nexus 5000 Series NX-OS Security Command Reference for information on these commands.
If you specify more than one server group, the Cisco NX-OS software checks each group in the order that you specify in the list.
This command does not require a license.
Examples
This example shows how to configure the default AAA authorization RADIUS server group for Cisco TrustSec:
switch# configure terminalswtich(config)# aaa authorization cts default group RadGroupswtich(config)#Related Commands
feature cts
Enables the Cisco TrustSec feature.
show aaa authorization
Displays the AAA authorization configuration.
show aaa groups
Displays the AAA server groups.
radius for all configured RADIUS servers.