Table of Contents
Advertisement
Chapter 20 Authentication & Accounting
Table 49 Advanced Application > Auth and Acct > Auth and Acct Setup (continued)
LABEL
Login
Accounting
Update Period
Type
Active
Broadcast
Mode
Method
Privilege
152
DESCRIPTION
These fields specify which database the ONU should use (first, second and third) to
authenticate administrator accounts (users for ONU management).
Configure the local user accounts in the Access Control > Logins screen. The
TACACS+ and RADIUS are external servers. Before you specify the priority, make
sure you have set up the corresponding database correctly first.
You can specify up to three methods for the ONU to authenticate administrator
accounts. The ONU checks the methods in the order you configure them (first
Method 1, then Method 2 and finally Method 3). You must configure the settings in
the Method 1 field. If you want the ONU to check other sources for administrator
accounts, specify them in Method 2 and Method 3 fields.
Select local to have the ONU check the administrator accounts configured in the
Access Control > Logins screen.
Select radius to have the ONU check the administrator accounts via RADIUS
servers configured in the RADIUS Server Setup screen.
Select tacacs+ to have the ONU check the administrator accounts via TACACS+
servers configured in the TACACS+ Server Setup screen.
Use this section to configure accounting settings on the ONU.
This is the amount of time in minutes before the ONU sends an update to the
accounting server. This is only valid if you select the start-stop option for the Exec
or Dot1x entries.
The ONU supports the following types of events to be sent to the accounting
server(s):
•
System - Configure the ONU to send information when the following system
events occur: system boots up, system shuts down, system accounting is
enabled, system accounting is disabled.
•
Exec - Configure the ONU to send information when an administrator logs in
and logs out via the console port, Telnet or SSH.
•
Dot1x - Configure the ONU to send information when an IEEE 802.1x client
begins a session (authenticates via the ONU), ends a session as well as interim
updates of a session.
•
Commands - Configure the ONU to send information when commands of
specified privilege level and higher are executed on the ONU.
Select this to activate accounting for a specified event types.
Select this to have the ONU send accounting information to all configured
accounting servers at the same time.
If you don't select this and you have two accounting servers set up, then the ONU
sends information to the first accounting server and if it doesn't get a response from
the accounting server then it tries the second accounting server.
The ONU supports two modes of recording login events. Select:
•
start-stop - to have the ONU send information to the accounting server when a
user begins a session, during a user's session (if it lasts past the Update
Period), and when a user ends a session.
•
stop-only - to have the ONU send information to the accounting server only
when a user ends a session.
Select whether you want to use RADIUS or TACACS+ for accounting of specific
types of events.
TACACS+ is the only method for recording Commands type of event.
This field is only configurable for Commands type of event. Select the threshold
command privilege level for which the ONU should send accounting information.
The ONU will send accounting information when commands at the level you specify
and higher are executed on the ONU.
ONU User's Guide
Advertisement
Table of Contents
