HP VSR1000 Security Configuration Manual page 37
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
Step
3.
Specify a VPN for the RADIUS
scheme.
Setting the username format and traffic statistics units
A username is in the format userid@isp-name, where isp-name represents the user's ISP domain name. By
default, the ISP domain name is included in a username. However, older RADIUS servers might not
recognize usernames that contain the ISP domain names. In this case, you can configure the device to
remove the domain name of each username to be sent.
For correct identification of users, configure the device to include ISP domain names in usernames for the
RADIUS scheme that is referenced by two or more ISP domains.
The device reports online user traffic statistics in accounting packets. The traffic measurement units are
configurable, but they must be the same as the traffic measurement units configured on the RADIUS
accounting servers.
To set the username format and the traffic statistics units for a RADIUS scheme:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
3.
Set the format for usernames
sent to the RADIUS servers.
4.
(Optional.) Set the data flow
and packet measurement
units for traffic statistics.
Setting the maximum number of RADIUS request transmission attempts
RADIUS uses UDP packets to transfer data. Because UDP communication is not reliable, RADIUS uses a
retransmission mechanism to improve reliability. A RADIUS request is retransmitted if the NAS does not
receive a server response for the request within the response timeout timer. For more information about
the RADIUS server response timeout timer, see
You can set the maximum number for the NAS to retransmit a RADIUS request to the same server. When
the maximum number is reached, the NAS tries to communicate with other RADIUS servers in active state.
If no other servers are in active state at the time, the NAS considers the authentication or accounting
attempt a failure.
To set the maximum number of RADIUS request transmission attempts:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
Command
vpn-instance vpn-instance-name
Command
system-view
radius scheme
radius-scheme-name
user-name-format { keep-original
| with-domain | without-domain }
data-flow-format { data { byte |
giga-byte | kilo-byte |
mega-byte } | packet
{ giga-packet | kilo-packet |
mega-packet | one-packet } }*
"Setting RADIUS
Command
system-view
radius scheme
radius-scheme-name
27
Remarks
By default, a RADIUS scheme
belongs to the public network.
Remarks
N/A
N/A
By default, the ISP domain name is
included in a username.
By default, traffic is counted in
bytes and packets.
timers."
Remarks
N/A
N/A
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
