Technical Reference; Vendor Specific Attribute - ZyXEL Communications GS2220 Series User Manual

Table 112 Advanced Application > AAA > AAA Setup (continued)
L ABEL
Type
Active
Broadcast
Mode
Method
Privilege
Apply
Cancel
25.6 T e c hnic a l Re fe re nc e
This section provides technical background information on the topics discussed in this chapter.
25.6.1 Ve ndo r Spe c ific Attrib ute
RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server
and a network access device (for example, the Switch). A company can create Vendor Specific
Attributes (VSAs) to expand the functionality of a RADIUS server.
The Switch supports VSAs that allow you to perform the following actions based on user authentication:
• Limit bandwidth on incoming or outgoing traffic for the port the user connects to.
Chapter 25 AAA
DESC RIPT IO N
The Switch supports the following types of events to be sent to the accounting servers:
• – Configure the Switch to send information when the following system events occur:
Syste m
system boots up, system shuts down, system accounting is enabled, system accounting is
disabled.
• – Configure the Switch to send information when an administrator logs in and logs out
Exe c
through the console port, telnet or SSH.
• – Configure the Switch to send information when an IEEE 802.1x client begins a
Do t1x
session (authenticates through the Switch), ends a session as well as interim updates of a
session.
• – Configure the Switch to send information when commands of specified
C o m m a nds
privilege level and higher are executed on the Switch.
Select this to activate accounting for specified event types.
Select this to have the Switch send accounting information to all configured accounting
servers at the same time.
If you do not select this and you have two accounting servers set up, then the Switch sends
information to the first accounting server and if it does not get a response from the accounting
server then it tries the second accounting server.
The Switch supports two modes of recording login events. Select:
• – to have the Switch send information to the accounting server when a user begins
sta rt- sto p
a session, during a user's session (if it lasts past the
session.
• – to have the Switch send information to the accounting server only when a user
sto p- o nly
ends a session.
Select whether you want to use RADIUS or TACACS+ for accounting of specific types of events.
TACACS+ is the only method for recording
This field is only configurable for
privilege level for which the Switch should send accounting information. The Switch will send
accounting information when commands at the level you specify and higher are executed on
the Switch.
Click to save your changes to the Switch's run-time memory. The Switch loses these
Apply
changes if it is turned off or loses power, so use the
save your changes to the non-volatile memory when you are done configuring.
Click to begin configuring this screen afresh.
C a nc e l
GS2220 Series User's Guide
253
Upda te Pe rio d
type of event.
C o m m a nds
type of event. Select the threshold command
C o m m a nds
link on the top navigation panel to
Sa ve
), and when a user ends a