3Com 5500-SI Displaying and Debugging HWTACACS Protocol

620 CHAPTER 33: HWTACACS CONFIGURATION

The setting of real-time accounting interval somewhat depends on the performance

of the NAS and the TACACS server: a shorter interval requires higher device

performance. You are therefore recommended to adopt a longer interval when there

are a large number of users (more than 1000, inclusive). Table683 lists the numbers

of users and the recommended intervals.

The real-time accounting interval defaults to 12 minutes.

Displaying and Debugging HWTACACS Protocol

After the above configuration, execute display command in any view to display the

running of the AAA and RADIUS/HWTACACS configuration, and to verify the effect

of the configuration. Execute reset command in user view to reset AAA and

RADIUS/HWTACACS statistics, etc . Execute debugging command in user view to

debug AAA and RADIUS/HWTACACS.

Table683 Numbers of users and the recommended intervals

Number of users Real-time accounting interval (minutes)

1–99 3

100–499 6

500–999 12

ƒ1000 ƒ15

Table684 Displaying and debugging AAA and RADIUS/HWTACACS protocol

Operation Command

Display the configuration information of the

specified or all the ISP domains.

display domain [ isp-name ]

Display related information of user's

connection

display connection [ access-type dot1x |

domain domain-name | interface interface-type

interface-number | ip ip-address | mac

mac-address | radius-scheme

radius-scheme-name | vlan vlanid | ucibindex

ucib-index | user-name user-name ]

Display related information of the local user display local-user [ domain isp-name | idle-cut

{ disable | enable } | service-type { telnet | ftp |

lan-access | ssh | terminal } | state { active |

block } | user-name user-name | vlan vlan-id ]

Display the statistics of local RADIUS

authentication server

display local-server statistics

Display the configuration information of

RADIUS schemes

display radius [ radius-scheme-name ]

Display the statistics of RADIUS packets display radius statistics

Display the stopping accounting requests

saved in buffer without response

display stop-accounting-buffer {

radius-scheme radius-scheme-name | session-id

session-id | time-range start-time stop-time |

user-name user-name }

Display the specified or all the HWTACACS

schemes

display hwtacacs [ hwtacacs-scheme-name]

Display information on the stop-accounting

packets in the buffer

display stop-accounting-buffer

hwtacacs-scheme hwtacacs-scheme-name

Delete the stopping accounting requests saved

in buffer without response

reset stop-accounting-buffer { radius-scheme

radius-scheme-name | session-id session-id |

time-range start-time stop-time | user-name

user-name }

Reset the statistics of RADIUS server reset radius statistics

Clear stop-accounting packets from the buffer reset stop-accounting-buffer

hwtacacs-scheme hwtacacs-scheme-name