Tearing Down User Connections Forcibly; Configuring A Network Device As A Radius Server; Radius Server Functions Configuration Task List; Configuring A Radius User - HP 5120 EI Switch Series Configuration Manual

NOTE:

With the accounting optional command configured, a user that would be otherwise disconnected can still use
the network resources even when no accounting server is available or communication with the current
accounting server fails.

The local accounting method is not used to implement accounting, but to work together with the access-limit
command, which is configured in local user view, to limit the number of local user connections. However, with
the accounting optional command configured, the limit on the number of local user connections is not effective.

The accounting method specified with the accounting default command is for all types of users and has a
priority lower than that for a specific access mode.

With the radius-scheme
and argument combination configured, local accounting is the backup method and is used only when the
remote server is not available.

If you specify only the local or none keyword in an accounting method configuration command, the device has
no backup accounting method and performs only local accounting or does not perform any accounting.

Accounting is not supported for FTP services.

Tearing down user connections forcibly

Follow these steps to tear down user connections forcibly:
To do...
Enter system view
Tear down AAA user
connections forcibly

Configuring a network device as a RADIUS server

RADIUS server functions configuration task list

Task

Configuring a RADIUS user

Specifying a RADIUS client
Configuring a RADIUS user
This task is to create a RADIUS user and configure a set of attributes for the user on a network device that
serves as the RADIUS server. The user attributes include the password, authorization attribute, expiration
time, and user description. After completing this task, the specified RADIUS user can use the username
and password for RADIUS authentication on the device.
Follow these steps to configure a RADIUS user:
radius-scheme-name
local or hwtacacs-scheme
Use the command...
system-view
cut connection { access-type { dot1x | mac-
authentication | portal } | all | domain isp-name
| interface interface-type interface-number | ip
ip-address | mac mac-address | ucibindex ucib-
index | user-name user-name | vlan vlan-id } [
slot slot-number ]
42
hwtacacs-scheme-name
Remarks
Required
Required
local keyword
Remarks
—
Required
Applicable to only
LAN access, and
portal user
connections.