•
Common—The Acct-Session-Id is a string of 38 characters. The string contains the
session-id-prefix, date and time, serial number, LIP address of the access node, device ID, and
the process job ID.
•
Simplified—The Acct-Session-Id is a string of 16 characters. The string contains the
session-id-prefix, month, serial number, LIP address of the access node, device ID, and the
process job ID.
Configure the Acct-Session-Id format depending on the server model. For example, the AsiaInfo
server supports only the 16-character Acct-Session-Id, so you must specify the simplified format on
the device to work with the server.
To configure the Acct-Session-Id format:
Step
1.
Enter system view.
2.
Configure the
Acct-Session-Id format.
Displaying and maintaining AAA
Execute display commands in any view.
Task
Display the configuration of ISP domains.
AAA configuration examples
Authentication and authorization for SSH users by a RADIUS
server
Network requirements
As shown in
•
Use the RADIUS server for SSH user authentication and authorization.
•
Include domain names in the usernames sent to the RADIUS server.
•
Assign the default user role network-operator to SSH users after they pass authentication.
The RADIUS server runs on IMC. Add an account with the username hello@bbb on the RADIUS
server.
The RADIUS server and the router use expert as the shared key for secure RADIUS communication.
The ports for authentication and accounting are 1812 and 1813, respectively.
Command
system-view
aaa session-id mode { common
| simplified }
Figure
12, configure the router to meet the following requirements:
Command
display domain [ isp-name ]
58
Remarks
N/A
By default, the common format is
used.