Configuring The User Re-Authentication At Reboot Function - 3Com 3C13636 Configuration Manual

3Com Router 3000 Ethernet Family
Configuration Guide
communication with the current RADIUS server has been disconnected and turns to
another RADIUS server.
You can use the following command to set the maximum number of allowed RADIUS
request attempts.
Perform the following configurations in RADIUS view.
Table 2-20 Set the maximum number of RADIUS request attempts
Set the maximum number of RADIUS request attempts.
Restore the default maximum number of RADIUS request
attempts.
By default, a RADIUS request can be sent up to three times.

2.3.6 Configuring the User Re-authentication at Reboot Function

I. Introduction to the user re-authenctication at reboot function
On the CAMS server, there is a kind of user called exclusive user, each of which has its
concurrent online number set to 1. With the AAA solution implemented jointly by the
router and CAMS server, the router prompts that an exclusive user is already online in
the following situation:
The router reboots after an exclusive user passes the authentication/authorization
and begins being accounted.
The CAMS server has not performed online user detection.
The exclusive user logs into the router again.
After this, the user cannot access network resources normally unless the network
administrator manually removes the online information of the user on the CAMS server.
To solve the above problem, you can enable the user re-authentication at reboot on the
router. With this function enabled, the following occurs whenever the router reboots:
The router generates an Accounting-On packet, which includes information such
as the NAS-ID, NAS-IP (source IP), and session ID of the user.
The router sends the Accounting-On packet to the CAMS server at a specified
interval.
When receiving an Accounting-On packet, the CAMS server sends a response
packet to the router, locates and deletes information about the original online
users according to information about NAS-ID, NAS-IP, and session ID in the
Accounting-On packet, and ends the accounting based on the last accounting
update packet.
When receiving the response packet from the CAMS server, the router stops
sending Accounting-On packets.
Chapter 2 AAA and RADIUS/HWTACACS Protocol
Operation
3Com Corporation
2-23
Configuration
Command
retry retry-times
undo retry