Table of Contents
Advertisement
Telnet to Switch with read-only user (bsro) type some commands
4548GT-PWR# show clock
Current SNTP time
Daylight saving time is DISABLED
Time zone is set to 'METD', offset from UTC is 01:00
4548GT-PWR# conf t
^
% Invalid input detected at '^' marker.
4548GT-PWR# exit
Read-only user in this example does not have access to switch configuration.
Log file on RADIUS server - /var/log/radius/radius.log
Thu Feb 21 15:52:09 2008 : Auth: Login OK: [bsro] (from client 4548GT-PWR
port 0)
Log file on RADIUS server - /var/log/radius/radacct/10.10.44.5/auth-detail-20080221
Optional file, need to configure /etc/raddb/radiusd.conf
Thu Feb 21 15:52:09 2008
NAS-IP-Address = 10.10.44.5
Service-Type = Administrative-User
User-Name = "bsro"
Client-IP-Address = 10.10.44.5
Timestamp = 1203605529
Please note that the client-IP-Address is equal to NAS-IP-Address which is not correct. The
client-IP-Address is the station where telnet has been issued, which is 10.10.50.10. The reason
is the switch does not provide a Client-IP-address field (see sniffer trace). Application artificially
copy field.
Log file on RADIUS client
4548GT-PWR# show log
I
2008-02-21 15:52:21 GMT+01:00 115
from
IP add: 10.10.50.10, access mode: read-only
I
2008-02-21 15:53:50 GMT+01:00 116
IP
address: 10.10.50.10, access mode: read-only
I
2008-02-21 15:53:50 GMT+01:00 117
logout),
IP address: 10.10.50.10
Authentication, Authorization and Accounting (AAA) for ERS and ES
November 2010
:
2008-02-21 15:52:36 GMT+01:00
Technical Configuration Guide
#1 Session opened(radius auth)
#1 Session closed (user logout),
#1 Connection closed (user
avaya.com
18
Advertisement
Table of Contents
