H3C S7500 Series Operation Manual page 527

Operation Manual – AAA & RADIUS & HWTACACS & EAD
H3C S7500 Series Ethernet Switches
start-accounting request (Accounting-Request, with the Status-Type filed set to
start) to the RADIUS server.
5) The RADIUS server returns a start-accounting response (Accounting-Response).
6) The user starts to access the network resources.
7) The RADIUS client sends a stop-accounting request (Accounting-Request, with
the Status-Type field set to stop) to the RADIUS server.
8) The RADIUS server returns a stop-accounting response (Accounting-Response).
9) The resource access for the user is ended.
III. RADIUS packet structure
RADIUS uses UDP to transmit messages. It ensures the correct message exchange
between RADIUS server and client through the following mechanisms: timer
management, retransmission, and backup server.
RADIUS packet.
Code
Figure 1-3 RADIUS packet structur
1) The Code field (one byte) decides the type of the RADIUS packet, as shown in
Table
Table 1-1 Description on major values of the Code field
Code
1
2
Identifier
Authenticator
Attribute
1-1.
Packet type
Access-Request
Access-Accept
Chapter 1 AAA & RADIUS & HWTACACS
Figure 1-3
Length
e
Packet description
Direction: client->server.
The client transmits this packet to the server to
determine if the user can be connected.
This packet carries user information. It must
contain the User-Name attribute and may
contain the following attributes:
NAS-IP-Address, User-Password, and
NAS-Port.
Direction: server->client.
The server transmits this packet to the client if all
the attribute values carried in the
Access-Request packet are accepted (that is,
the user passes the authentication).
1-5
Configuration
depicts the structure of a