Python RADIUS Command Reference

Command Hierarchies

configure
— aaa
radius-script-policy policy-name [create]
— no radius-script-policy policy-name
action-on-fail {drop | passthrough}
— no action-on-fail
description description
— no description
primary
script-url primary-script-url
— no script-url
[no] shutdown
secondary
script-url secondary-script-url
— no script-url
[no] shutdown
configure
— aaa
l2tp-accounting-policy policy-name [create]
— no l2tp-accounting-policy policy-name
request-script-policy policy-name
— no request-script-policy
radius-server-policy policy-name [create]
— no radius-server-policy policy-name
accept-script-policy policy-name
— no accept-script-policy
request-script-policy policy-name
— no request-script-policy
configure
— subscriber-mgmt
authentication-policy name [create]
— no authentication-policy name
accept-script-policy policy-name
— no accept-script-policy
coa-script-policy policy-name
— no coa-script-policy
request-script-policy policy-name
— no request-script-policy
radius-accounting-policy name [create]
— no radius-accounting-policy name
acct-request-script-policy policy-name
— no acct-request-script-policy

Command Descriptions

Generic Commands

description

Syntax 
description description-string
no description
Context 
confif>aaa>radius-script-policy
Description 

This command creates a text description stored in the configuration file for a configuration context.

The description command associates a text string with a configuration context to help identify the context in the configuration file.

The no form of this command removes any description string from the context.

Default 

No description is associated with the configuration context.

Parameters 
description-string—
A text string describing the entity. Allowed values are any string up to 80 characters long composed of printable, 7-bit ASCII characters excluding double quotes. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

shutdown

Syntax 
[no] shutdown
Context 
config>aaa>radius-scr-plcy>primary
config>aaa>radius-scr-plcy>secondary
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of the command puts an entity into the administratively enabled state.

Default 

no shutdown

Script Commands

radius-script-policy

Syntax 
radius-script-policy policy-name [create]
no radius-script-policy policy-name
Context 
config>aaa
Description 

This command configures a RADIUS script policy.

The no form of the command removes the scrip policy from the configuration.

Default 

none

Parameters 
policy-name—
Configures Python scripts to modify RADIUS messages.
create—
This keyword is required when first creating the configuration context. Once the context is created, it is possible to navigate into the context without the create keyword.

action-on-fail

Syntax 
action-on-fail {drop|passthrough}
no action-on-fail
Context 
config>aaa>radius-scr-plcy
Description 

specifies the action taken when Python fails to modify the RADIUS message.

The no form of the command reverts to the default.

Default 

drop

Parameters 
drop—
Specifies that the packet will be dropped.
passthrough—
Specifies that the packet will be sent out without any modifications.

primary

Syntax 
primary
Context 
config>aaa>radius-scr-plcy
Description 

This command enables the context to configure a primary script.

Default 

none

script-url

Syntax 
script-url primary-script-url
no script-url
Context 
config>aaa>radius-scr-plcy>primary
Description 

This command configures the URL of the primary script.

The no form of the command removes the URL from the configuration.

Default 

no script-url

Parameters 
primary-script-url—
Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

secondary

Syntax 
secondary
Context 
config>aaa>radius-scr-plcy
Description 

This command enables the context to configure a secondary script.

Default 

none

script-url

Syntax 
script-url secondary-script-url
no script-url
Context 
config>aaa>radius-scr-plcy>secondary
Description 

Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

The no form of the command removes the URL from the configuration.

Default 

no script-url

Parameters 
secondary-script-url—
Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

l2tp-accounting-policy

Syntax 
l2tp-accounting-policy policy-name [create]
no l2tp-accounting-policy policy-name
Context 
config>aaa
Description 

This command configures an L2TP accounting policy.

The no form of the command removes the policy-name from the configuration.

Default 

none

Parameters 
policy-name—
Specifies a policy name
create—
This keyword is required when first creating the configuration context. Once the context is created, it is possible to navigate into the context without the create keyword.

request-script-policy

Syntax 
request-script-policy script-policy
no request-script-policy
Context 
config>aaa>l2tp-accounting-policy
config>aaa>radius-srv-plcy
Description 

This command configures a Python script policy to modify Access-Request.

The no form of the command removes the policy-name from the configuration.

Default 

none

Parameters 
script-policy—
Specifies a the RADIUS script policy used to change the RADIUS attributes of the outgoing Access-Request messages.

radius-server-policy

Syntax 
radius-server-policy policy-name [create]
no radius-server-policy policy-name
Context 
config>aaa
Description 

This command configures the RADIUS script policy used to change the RADIUS attributes of the outgoing Access-Accept messages.

The no form of the command removes the policy-name from the configuration.

Default 

none

Parameters 
policy-name—
Specifies a the RADIUS script policy used to change the RADIUS attributes of the outgoing Access-Request messages.
create—
This keyword is required when first creating the configuration context. Once the context is created, it is possible to navigate into the context without the create keyword.

authentication-policy

Syntax 
authentication-policy name [create]
no authentication-policy
Context 
config>subscr-mgmt
Description 

This command creates the context to configure RADIUS server parameters for session authentication.

The no form of the command removes the RADIUS server configuration for session authentication.

RADIUS servers can be configured for three different applications:

  1. For authentication of dynamic Triple Play subscriber sessions, under config>subscr-mgmt>authentication-plcy
  2. For 802.1x port authentication, under config>system>security>dot1x>radius-plcy
  3. For CLI login users, under config>system>radius
Default 

none

Parameters 
name—
The name of the profile. The string is case sensitive and limited to 32 ASCII 7-bit printable characters with no spaces.

accept-script-policy

Syntax 
accept-script-policy policy-name
no accept-script-policy
Context 
config>aaa>radius-srv-plcy
Description 

This command configures the the RADIUS script policy used to change the RADIUS attributes of the outgoing Access-Accept messages.

The no form of the command removes the policy name from the configuration.

Default 

no accept-script-policy

Parameters 
policy-name—
Specifies the Python script policy to modify Access-Accept.

radius-accounting-policy

Syntax 
radius-accounting-policy name [create]
no radius-accounting-policy
Context 
config>subscr-mgmt
Description 

This command specifies a subscriber RADIUS based accounting policy.

Parameters 
name—
The name of the policy. The string is case sensitive and limited to 32 ASCII 7-bit printable characters with no spaces.

coa-script-policy

Syntax 
coa-script-policy policy-name
no coa-script-policy
Context 
config>subscr-mgmt>auth-plcy
Description 

This command configures the RADIUS script policy used to change the RADIUS attributes of the Change-of-Authorization messages.

The no form of the command removes the policy name from the configuration.

Default 

none

Parameters 
policy-name—
Specifies the Python script policy to modify the Change-of-Authorization messages.

request-script-policy

Syntax 
request-script-policy policy-name
no request-script-policy
Context 
config>subscr-mgmt>auth-plcy
Description 

This command configures the RADIUS script policy used to change the RADIUS attributes of the outgoing Access-Request messages.

The no form of the command removes the policy name from the configuration.

Default 

none

Parameters 
policy-name—
Specifies the Python script policy to modify Access-Request messages.

acct-request-script-policy

Syntax 
acct-request-script-policy policy-name
no acct-request-script-policy
Context 
config>subscr-mgmt>acct-plcy#
Description 

This command configures the Python script policy to modify Accounting-Request messages.

The no form of the command removes the policy name from the configuration.

Default 

none

Parameters 
policy-name—
Specifies the Python script policy to modify Accounting-Request messages.