RADIUS Authentication and Accounting
Configuring RADIUS Accounting
Note This section assumes you have already:
■ Configured RADIUS authentication on the switch for one or more
access methods
■ Configured one or more RADIUS servers to support the switch
If you have not already done so, refer to “General RADIUS Setup Procedure”
on page 5-5 before continuing here.
RADIUS accounting collects data about user activity and system events and
sends it to a RADIUS server when specified events occur on the switch, such
as a logoff or a reboot. The Series 5300XL switches support three types of
accounting services:
■ Network accounting: Provides records containing the information
listed below on clients directly connected to the switch and operating
under Port-Based Access Control (802.1x):
• Acct-Session-Id
• Acct-Output-Packets
• Service-Type
• Acct-Status-Type
• Acct-Input-Octets
• NAS-IP-Address
• Acct-Terminate-Cause
• Nas-Port
• NAS-Identifier
• Acct-Authentic
• Acct-Output-Octets
• Called-Station-Id
• Acct-Delay-Time
• Acct-Session-Time
• Acct-Input-Packets
• Username
(For 802.1x information for the switch, refer to chapter 8, “Configuring
Port-Based Access Control (802.1x)” .)
■ Exec accounting: Provides records holding the information listed
below about login sessions (console, Telnet, and SSH) on the switch:
• Acct-Session-Id
• Acct-Delay-Time
• NAS-IP-Address
• Acct-Status-Type
• Acct-Session-Time
• NAS-Identifier
• Acct-Terminate-Cause
• Username
• Calling-Station-Id
• Acct-Authentic
• Service-Type
■ System accounting: Provides records containing the information
listed below when system events occur on the switch, including
system reset, system boot, and enabling or disabling of system
accounting.
• Acct-Session-Id
• Acct-Delay-Time
• NAS-Identifier
• Acct-Status-Type
• Username
• Calling-Station-Id
• Acct-Terminate-Cause
• Service-Type
• Acct-Authentic
• NAS-IP-Address
5-17
To Next Page
Loading...
Need help?
General