HP A6600 Configuration Manual page 35
Hide thumbs
Also See for A6600:
- Configuration manual (426 pages) ,
- Getting started (222 pages) ,
- Limited warranty (41 pages)
Table of Contents
Advertisement
To specify RADIUS accounting servers and set relevant parameters for a scheme:
To do...
1.
Enter system view.
2.
Enter RADIUS scheme
view.
3.
Specify the primary
RADIUS accounting server.
4.
Specify the secondary
RADIUS accounting server.
5.
Set the maximum number
of real-time accounting
attempts.
6.
Enable buffering of stop-
accounting requests to
which no responses are
received.
7.
Set the maximum number
of stop-accounting
attempts.
NOTE:
The IP addresses of the primary and secondary accounting servers must be different from each other.
•
Otherwise, the configuration fails.
All servers for authentication/authorization and accountings, primary or secondary, must use IP
•
addresses of the same IP version.
If you delete an accounting server that is serving users, the router can no longer send real-time
•
accounting requests and stop-accounting requests for the users to that server or buffer the stop-
accounting requests.
Specify a RADIUS accounting server as the primary accounting server for one scheme and as the
•
secondary accounting server for another scheme at the same time.
RADIUS does not support accounting for FTP users.
•
Specifying the shared keys for authenticating RADIUS packets
The RADIUS client and RADIUS server use the MD5 algorithm to encrypt packets exchanged between
them and use shared keys to authenticate the packets. They must use the same shared key for the same
type of packets.
A shared key configured in this task is for all servers of the same type (accounting or authentication) in
the scheme. It has a lower priority than a shared key configured individually for a RADIUS server.
To specify shared keys for authenticating RADIUS packets:
To do...
1.
Enter system view.
2.
Enter RADIUS scheme view.
Command...
system-view
radius scheme radius-scheme-name
primary accounting { ip-address | ipv6 ipv6-
address } [ port-number | key string | vpn-
instance vpn-instance-name ] *
secondary accounting { ip-address | ipv6
ipv6-address } [ port-number | key string |
vpn-instance vpn-instance-name ] *
retry realtime-accounting retry-times
stop-accounting-buffer enable
retry stop-accounting retry-times
Command...
system-view
radius scheme radius-scheme-
name
23
Remarks
—
—
Required.
Configure at least one
command.
No accounting server is
specified by default.
Optional.
5 by default.
Optional.
Enabled by default.
Optional.
500 by default.
Remarks
—
—
Advertisement
Table of Contents
Troubleshooting
