Operating Rules For Radius Accounting - HP Q.11.XX Manual

RADIUS Authentication, Authorization and Accounting
Configuring RADIUS Accounting
5-26
(For 802.1X information for the switch, refer to "Configuring Port-Based
and Client-Based Access Control (802.1X)" on page 8-1.)
Exec accounting: Provides records holding the information listed
■
below about login sessions (console, Telnet, and SSH) on the switch:
• Acct-Session-Id
• Acct-Status-Type
• Acct-Terminate-Cause
• Acct-Authentic
■ System accounting: Provides records containing the information
listed below when system events occur on the switch, including
system reset, system boot, and enabling or disabling of system
accounting.
• Acct-Session-Id
• Acct-Status-Type
• Acct-Terminate-Cause
• Acct-Authentic
The switch forwards the accounting information it collects to the designated
RADIUS server, where the information is formatted, stored, and managed by
the server. For more information on this aspect of RADIUS accounting, refer
to the documentation provided with your RADIUS server.

Operating Rules for RADIUS Accounting

You can configure up to three types of accounting to run simultane-
■
ously: exec, system, and network.
RADIUS servers used for accounting are also used for authentication.
■
■ The switch must be configured to access at least one RADIUS server.
■ RADIUS servers are accessed in the order in which their IP addresses
were configured in the switch. Use show radius to view the order. As
long as the first server is accessible and responding to authentication
requests from the switch, a second or third server will not be
accessed. (For more on this topic, refer to "Changing RADIUS-Server
Access Order" on page 5-37.)
• Acct-Delay-Time
• Acct-Session-Time
• Username
• Service-Type
• Acct-Delay-Time
• Username
• Service-Type
• NAS-IP-Address
• NAS-IP-Address
• NAS-Identifier
• Calling-Station-Id
• NAS-Identifier
• Calling-Station-Id