
Cisco CCNA (640-553) Security Training: Using the aaa session-id Command

In today’s article, I’m going to quickly inform you about the Cisco IOS global configuration mode command named “aaa session-id”.

Network administrators use the “aaa session-id” command to indicate whether the same session ID will be used for each AAA accounting service type within a call or whether a different session ID will be assigned to each accounting service type.

In other words, CCNAs (like you) use the command to tell a router to store or not to store its first session ID request of a call in a common database; if the first session ID is stored, then all subsequent session ID requests will retrieve the value of the first session ID. (This is the router’s default behavior.)

And, if the first session ID is not stored, then the session ID in the access-request will be the same as the session ID in the accounting request for the same service; all other services (Auth-Proxy, Exec, Network, Command, System, Connection, and Resource) will provide unique session IDs for the same call.

Below is the command’s syntax:

aaa session-id [common | unique]

As you can see, you can use either the “common” keyword or the “unique” keyword with the command.

common – This (optional) keyword is used to make sure that all session identification (ID) information that is sent out for a given call is identical. Remember, even if you don’t configure a router using the “common” keyword, the router will perform this way by default. So, if you were to type the command no aaa session-id common on a router, it wouldn’t have any effect.

unique – And, this (optional) keyword is used to make sure that only the corresponding service access-requests and accounting-requests will maintain a common session ID.

Note: Accounting-requests for each service will have a different session ID.

Below is an example of the command being used:

Router>enable
Router#configure terminal
Router(config)#aaa new-model
Router(config)#aaa authentication ppp default group radius
Router(config)#radius-server host 101.100.1.34
Router(config)#radius-server attribute 44 include-in-access-req
Router(config)#aaa session-id unique
Router(config)#exit

In the example above, the router is being configured to use unique session IDs.

Now in order to return a router back to its default behavior, all you have to do is type the word “no” in front of the command like you see below:

Router(config)#no aaa session-id unique

By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.2(8)T or higher.
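
The keyword rules above can be checked against a saved configuration. The following Python sketch is an added example, not code from the article or from Cisco; the function name audit_session_id and the sample configurations are hypothetical, and it assumes lines take effect in the order they appear.

```python
import re

PROMPT = re.compile(r"^\S*[>#]\s*")  # pasted CLI prompt, e.g. "Router(config)#"
SESSION_ID = re.compile(r"^(no\s+)?aaa\s+session-id\s+(common|unique)$", re.I)
ATTR_44 = "radius-server attribute 44 include-in-access-req"


def audit_session_id(config_text):
    """Report the session-ID behaviour a config would leave the router in."""
    mode = "common"   # default behaviour, per the article
    attr44 = False    # is the session ID included in access-requests?
    for raw in config_text.splitlines():
        line = PROMPT.sub("", raw.strip())
        low = line.lower()
        if low in (ATTR_44, "no " + ATTR_44):
            attr44 = not low.startswith("no ")
            continue
        m = SESSION_ID.match(line)
        if not m:
            continue
        negated, keyword = bool(m.group(1)), m.group(2).lower()
        if not negated:
            mode = keyword
        elif keyword == "unique":
            mode = "common"   # "no aaa session-id unique" restores the default
        # "no aaa session-id common" has no effect, per the article
    return {"mode": mode, "session_id_in_access_request": attr44}


# Constructed sample inputs (not taken from a real device)
SAMPLE_UNIQUE = """\
Router(config)#aaa new-model
Router(config)#radius-server attribute 44 include-in-access-req
Router(config)#aaa session-id unique
"""
SAMPLE_REVERTED = SAMPLE_UNIQUE + "Router(config)#no aaa session-id unique\n"
SAMPLE_NO_COMMON = "aaa new-model\nno aaa session-id common\n"

if __name__ == "__main__":
    for name, cfg in [("unique", SAMPLE_UNIQUE),
                      ("reverted", SAMPLE_REVERTED),
                      ("no common", SAMPLE_NO_COMMON)]:
        print(name, audit_session_id(cfg))
```

A result of “unique” tells whoever reads the accounting logs that records from different services of one call will not share a session ID, so they cannot be correlated on that field alone.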

I hope this article was very informative and helped you quickly understand the usage of the aaa session-id unique command. If you need to learn more, I suggest you visit my website, where you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.

To your success,

Charles Ross
CCNA- CCNP #CSCO10444244

By: Charles E Ross

Article Directory: http://www.articledashboard.com

Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 3 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ccnaittechtips.com

© 2005-2011 Article Dashboard