3Com SuperStack 4 Configuration Manual page 269

Configuring RADIUS
Accounting Servers and
the Related Attributes
In real networking environments, you may specify two RADIUS servers as primary
and secondary authentication/authorization servers respectively, or specify one
server to function as both.
The RADIUS service port settings on the Switch 5500G-EI should be consistent
with the port settings on the RADIUS server. Normally, the
authentication/authorization service port is 1812.
Configuring RADIUS Accounting Servers
You can use the following commands to configure the IP address and port number
for RADIUS accounting servers.
Perform the following configurations in RADIUS Scheme View.
Table 315 Configuring RADIUS Accounting Servers
Operation
Set IP address and port number of primary RADIUS
accounting server.
Restore IP address and port number of primary RADIUS
accounting server to the default values.
Set IP address and port number of second RADIUS
accounting server.
Restore IP address and port number of second RADIUS
accounting server to the default values.
By default, as for the newly created RADIUS scheme, the IP address of the primary
accounting server is 0.0.0.0, and the UDP port number of this server is 1813; as
for the "system" RADIUS scheme created by the system, the IP address of the
primary accounting server is 127.0.0.1, and the UDP port number is 1646.
In real networking environments, you can specify two RADIUS servers as the
primary and the secondary accounting servers respectively; or specify one server to
function as both.
To guarantee the normal interaction between NAS and RADIUS server, you are
supposed to guarantee the normal routes between RADIUS server and NAS before
setting the IP address and UDP port of the RADIUS server. In addition, because
RADIUS protocol uses different UDP ports to receive/transmit
authentication/authorization and accounting packets, you need to set two
different ports accordingly. Suggested by RFC2138/2139,
authentication/authorization port number is 1812 and accounting port number is
1813. However, you may use values other than the suggested ones. (Especially for
some earlier RADIUS Servers, authentication/authorization port number is often
set to 1645 and accounting port number is 1646.)
The RADIUS service port settings on the Switch 5500G-EI units are supposed to be
consistent with the port settings on RADIUS server. Normally, RADIUS accounting
service port is 1813.
Setting the Maximum Times of Real-time Accounting Request Failing to be
Responded to
A RADIUS server usually checks if a user is online with a timeout timer. If the
RADIUS server has not received the real-time accounting packet from NAS for a
AAA and RADIUS Protocol Configuration
Command
primary accounting
ip_address
undo primary accounting
secondary accounting
ip_address
undo secondary accounting
281
[ port_number ]
port_number
[ ]