Enabling The Radius Trap Function; Specifying The Source Ip Address For Radius Packets To Be Sent - H3C S5120-SI Series Operation Manual
Hide thumbs
Also See for S5120-SI Series:
- Command reference manual (910 pages) ,
- Configuration manual (745 pages) ,
- Installation manual (70 pages)
Table of Contents
Advertisement
To do...
Enter system view
Enter RADIUS scheme view
Specify the format of the
username to be sent to a
RADIUS server
Specify the unit for data flows or
packets to be sent to a RADIUS
server
Some earlier RADIUS servers cannot recognize usernames that contain an ISP domain name. In
this case, the device must remove the domain name before sending a username including a
domain name. You can configure the user-name-format without-domain command on the
device for this purpose.
If a RADIUS scheme defines that the username is sent without the ISP domain name, do not apply
the RADIUS scheme to more than one ISP domain. Otherwise, users using the same username
but in different ISP domains will be considered the same user.
The unit of data flows sent to the RADIUS server must be consistent with the traffic statistics unit of
the RADIUS server. Otherwise, accounting cannot be performed correctly.
Enabling the RADIUS Trap Function
If a NAS sends an accounting or authentication request to the RADIUS server but gets no response, the
NAS retransmits the request. With the RADIUS trap function enabled, when the NAS transmits the
request for half of the specified maximum number of transmission attempts, it sends a trap message;
when the NAS transmits the request for the specified maximum number of transmission attempts, it
sends another trap message.
Follow these steps to enable the RADIUS trap function:
To do...
Enter system view
Enable the RADIUS trap
function
Specifying the Source IP Address for RADIUS Packets to Be Sent
After you specify the source IP address for RADIUS packets to be sent, if the physical interface for
sending the RADIUS packets fails, response packets from the RADIUS server will be able to arrive the
NAS.
Use the command...
system-view
radius scheme
radius-scheme-name
user-name-format
{ keep-original
|
without-domain }
data-flow-format { data { byte
| giga-byte | kilo-byte |
mega-byte } | packet
{ giga-packet | kilo-packet |
mega-packet | one-packet } }*
Use the command...
system-view
radius trap
{ accounting-server-down |
authentication-server-down }
1-24
—
—
Optional
By default, the ISP domain
with-domain |
name is included in the
username.
Optional
The defaults are as follows:
byte for data flows, and
one-packet for data packets.
—
Required
Disabled by default
Remarks
Remarks
Advertisement
Chapters
Table of Contents
Troubleshooting
