Specifying The Radius Accounting Servers And Relevant Parameters - H3C S9500E Series Security Configuration Manual

Routing switches

Hide thumbs Also See for S9500E Series:

Configuration manual (459 pages)

Command reference manual (225 pages)

Installation manual (154 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

Table of Contents

HP recommends that you specify only the primary RADIUS authentication/authorization server if backup

•

is not required.

If both the primary and secondary authentication/authorization servers are specified, the secondary one

•

is used when the primary one is unreachable.

In practice, you may specify one RADIUS server as the primary authentication/authorization server and

•

up to 16 RADIUS servers as the secondary authentication/authorization servers, or specify a RADIUS

server as the primary authentication/authorization server for a scheme and as the secondary

authentication/authorization server for another scheme at the same time.

The IP addresses of the primary and secondary authentication/authorization servers for a scheme must be

•

different from each other. Otherwise, the configuration fails.

All servers for authentication/authorization and accountings, primary or secondary, must use IP

•

addresses of the same IP version.

Specifying the RADIUS accounting servers and relevant

parameters

Follow these steps to specify the RADIUS accounting servers and perform related configurations:

To do...

Enter system view

Enter RADIUS scheme view

Specify the primary RADIUS

accounting server

Specify the secondary RADIUS

accounting server

Enable the switch to buffer stop-

accounting requests getting no

responses

Set the maximum number of

stop-accounting request

transmission attempts

Set the maximum number of

accounting request transmission

attempts

It is recommended to specify only the primary RADIUS accounting server if backup is not required.

•

Use the command...

system-view

radius scheme radius-scheme-name

primary accounting { ip-address [

port-number | key string | vpn-

instance vpn-instance-name ] * |

ipv6 ipv6-address [ port-number |

key string] * }

secondary accounting { ip-address

[ port-number | key string | vpn-

instance vpn-instance-name ] * |

ipv6 ipv6-address [ port-number |

key string ] * }

stop-accounting-buffer enable

retry stop-accounting retry-times

retry realtime-accounting retry-

times

Remarks

—

Required

Configure at least one of the

commands

No accounting server by

default

Optional

Enabled by default

Optional

500 by default

Optional

5 by default

Table of Contents

Specifying The Radius Accounting Servers And Relevant Parameters - H3C S9500E Series Security Configuration Manual

Troubleshooting

Related Manuals for H3C S9500E Series

Related Content for H3C S9500E Series

Table of Contents