Configuring a Local Server Profile for RFC 5176 Support
Configuring the Port on which the Local RADIUS Server Listens
Configuring the Port on which the Local RADIUS Server Listens
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext.json
{
"aaaRadiusEp": {
"children": [
{
"aaaDynamicRadiusAuthServer": {
"attributes": {
"port": "3568"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<port>3568</port>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
port 3568
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaRadiusEp | sys/userext/radiusext |
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
aaaDynamicRadiusAuthServer Properties
The following table contains information about the aaaDynamicRadiusAuthServer properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| port | scalar:Uint32 | Configuration for port number | RANGE: [0 , 65535] DEFAULT: 1700 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting the Port on which the Local RADIUS Server Listens
Deleting the Port on which the Local RADIUS Server Listens
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext.json
{
"aaaRadiusEp": {
"children": [
{
"aaaDynamicRadiusAuthServer": {
"attributes": {
"port": "3568"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<port>3568</port>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
no port 3568
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaRadiusEp | sys/userext/radiusext |
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
aaaDynamicRadiusAuthServer Properties
The following table contains information about the aaaDynamicRadiusAuthServer properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| port | scalar:Uint32 | Configuration for port number | RANGE: [0 , 65535] DEFAULT: 1700 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring the Encryption Key Shared with the RADIUS Clients
Configuring the Encryption Key Shared with the RADIUS Clients
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext.json
{
"aaaRadiusEp": {
"children": [
{
"aaaDynamicRadiusAuthServer": {
"attributes": {
"key": "SampleString_123",
"keyEnc": "0"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<key>SampleString_123</key>
<keyEnc>0</keyEnc>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
server-key 0 SampleString_123
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaRadiusEp | sys/userext/radiusext |
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
aaaDynamicRadiusAuthServer Properties
The following table contains information about the aaaDynamicRadiusAuthServer properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| key | string:Basic | Configuration for server key | RANGE: [0 , 63] |
| keyEnc | aaa:KeyEnc (scalar:Enum8) | server key Encription type | SELECTION: 0 - 0 6 - 6 7 - 7 DEFAULT: 0 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Deleting the Encryption Key Shared with the RADIUS Clients
Deleting the Encryption Key Shared with the RADIUS Clients
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext.json
{
"aaaRadiusEp": {
"children": [
{
"aaaDynamicRadiusAuthServer": {
"attributes": {
"key": "",
"keyEnc": "0"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<key></key>
<keyEnc>0</keyEnc>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
no server-key 0 SampleString_123
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaRadiusEp | sys/userext/radiusext |
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
aaaDynamicRadiusAuthServer Properties
The following table contains information about the aaaDynamicRadiusAuthServer properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| key | string:Basic | Configuration for server key | RANGE: [0 , 63] |
| keyEnc | aaa:KeyEnc (scalar:Enum8) | server key Encription type | SELECTION: 0 - 0 6 - 6 7 - 7 DEFAULT: 0 |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring the Encryption Key Shared with the RADIUS Client (Encrypted)
Configuring the Encryption Key Shared with the RADIUS Client (Encrypted)
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext/dynamicradiusauthserver.json
{
"aaaDynamicRadiusAuthServer": {
"children": [
{
"aaaDynamicAuthClient": {
"attributes": {
"key": "SampleString_123",
"keyEnc": "7",
"name": "HostName",
"vrf": "default"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<dynamicauthclient-items>
<DynamicAuthClient-list>
<name>HostName</name>
<key>SampleString_123</key>
<keyEnc>7</keyEnc>
<vrf>default</vrf>
</DynamicAuthClient-list>
</dynamicauthclient-items>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
client HostName vrf default server-key 7 SampleString_123
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
| aaaDynamicAuthClient | sys/userext/radiusext/dynamicradiusauthserver/dynamicauthclient-[HostName] |
aaaDynamicAuthClient Properties
The following table contains information about the aaaDynamicAuthClient properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| key | string:Basic | serverkey for dynamic-author client | RANGE: [0 , 63] |
| keyEnc | aaa:KeyEnc (scalar:Enum8) | Default key encryption type | SELECTION: 0 - 0 6 - 6 7 - 7 DEFAULT: 0 |
| name | pol:ObjName (naming:Name256) | Object name | RANGE: [0 , 128] |
| vrf | l3:VrfName (string:Basic) | vrf name for dynamic-author client | A sequence of characters |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:
Configuring the Encryption Key Shared with the RADIUS Client (Clear Text)
Configuring the Encryption Key Shared with the RADIUS Client (Clear Text)
POST http://<mgmt0_IP>/api/mo/sys/userext/radiusext/dynamicradiusauthserver.json
{
"aaaDynamicRadiusAuthServer": {
"children": [
{
"aaaDynamicAuthClient": {
"attributes": {
"key": "SampleString_123",
"keyEnc": "0",
"name": "HostName",
"vrf": "management"
}}}]}}
{
imdata:[]
}
<System>
<userext-items>
<radiusext-items>
<dynamicradiusauthserver-items>
<dynamicauthclient-items>
<DynamicAuthClient-list>
<name>HostName</name>
<key>SampleString_123</key>
<keyEnc>0</keyEnc>
<vrf>management</vrf>
</DynamicAuthClient-list>
</dynamicauthclient-items>
</dynamicradiusauthserver-items>
</radiusext-items>
</userext-items>
</System>
Note: This example was added in Release 9.3(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
aaa server radius dynamic-author
client HostName vrf management server-key 0 SampleString_123
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| aaaDynamicRadiusAuthServer | sys/userext/radiusext/dynamicradiusauthserver |
| aaaDynamicAuthClient | sys/userext/radiusext/dynamicradiusauthserver/dynamicauthclient-[HostName] |
aaaDynamicAuthClient Properties
The following table contains information about the aaaDynamicAuthClient properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Description | Values |
|---|---|---|---|
| key | string:Basic | serverkey for dynamic-author client | RANGE: [0 , 63] |
| keyEnc | aaa:KeyEnc (scalar:Enum8) | Default key encryption type | SELECTION: 0 - 0 6 - 6 7 - 7 DEFAULT: 0 |
| name | pol:ObjName (naming:Name256) | Object name | RANGE: [0 , 128] |
| vrf | l3:VrfName (string:Basic) | vrf name for dynamic-author client | A sequence of characters |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide: