ZyXEL Communications XGS-4728F User Manual page 223
Intelligent layer 3+ switch
Hide thumbs
Also See for XGS-4728F:
- User manual (422 pages) ,
- Specifications (2 pages) ,
- Manual (8 pages)
Table of Contents
Advertisement
Table 70 Advanced Application > AAA > AAA Setup (continued)
LABEL
Type
Active
Method
Accounting
Update Period
Type
Active
Broadcast
Mode
Method
Privilege
XGS-4728F User's Guide
DESCRIPTION
Set whether the Switch provides the following services to a user.
•
Exec: Allow an administrator which logs in the Switch through Telnet
or SSH to have different access privilege level assigned via the
external server.
•
Dot1x: Allow an IEEE 802.1x client to have different bandwidth limit
or VLAN ID assigned via the external server.
Select this to activate authorization for a specified event types.
Select whether you want to use RADIUS or TACACS+ for authorization of
specific types of events.
RADIUS is the only method for IEEE 802.1x authorization.
Use this section to configure accounting settings on the Switch.
This is the amount of time in minutes before the Switch sends an update
to the accounting server. This is only valid if you select the start-stop
option for the Exec or Dot1x entries.
The Switch supports the following types of events to be sent to the
accounting server(s):
•
System - Configure the Switch to send information when the
following system events occur: system boots up, system shuts down,
system accounting is enabled, system accounting is disabled
•
Exec - Configure the Switch to send information when an
administrator logs in and logs out via the console port, telnet or SSH.
•
Dot1x - Configure the Switch to send information when an IEEE
802.1x client begins a session (authenticates via the Switch), ends a
session as well as interim updates of a session.
•
Commands - Configure the Switch to send information when
commands of specified privilege level and higher are executed on the
Switch.
Select this to activate accounting for a specified event types.
Select this to have the Switch send accounting information to all
configured accounting servers at the same time.
If you don't select this and you have two accounting servers set up, then
the Switch sends information to the first accounting server and if it
doesn't get a response from the accounting server then it tries the
second accounting server.
The Switch supports two modes of recording login events. Select:
•
start-stop - to have the Switch send information to the accounting
server when a user begins a session, during a user's session (if it
lasts past the Update Period), and when a user ends a session.
•
stop-only - to have the Switch send information to the accounting
server only when a user ends a session.
Select whether you want to use RADIUS or TACACS+ for accounting of
specific types of events.
TACACS+ is the only method for recording Commands type of event.
This field is only configurable for Commands type of event. Select the
threshold command privilege level for which the Switch should send
accounting information. The Switch will send accounting information
when commands at the level you specify and higher are executed on the
Switch.
Chapter 25 AAA
223
Advertisement
Table of Contents
Troubleshooting
