Radius Authentication

Authed Start

Authed LogOff

Responses

AccessChallenges

OtherReqToSupp

NonNakRespFromSup

Bac Auth Success

Bac Auth Fail

Counts the number of times that the state machine transitions from AUTHENTICATED to CONNECTING, as a result of an EAPOL-Start message being received from the Supplicant.

Counts the number of times that the state machine transitions from AUTHENTICATED to DISCONNECTED, as a result of an EAPOL-Logoff message being received from the Supplicant.

Counts the number of times that the state machine sends an initial Access-Request packet to the Authentication server (i.e., executes sendRespToServer on entry to the RESPONSE state). Indicates that the Authenticator attempted communication with the Authentication Server.

Counts the number of times that the state machine receives an initial Access-Challenge packet from the Authentication server (i.e., aReq becomes TRUE, causing exit from the RESPONSE state). Indicates that the Authentication Server has communication with the Authenticator.

Counts the number of times that the state machine sends an EAP-Request packet (other than an Identity, Notification, Failure, or Success message) to the Supplicant (i.e., executes txReq on entry to the REQUEST state). Indicates that the Authenticator chose an EAP-method.

Counts the number of times that the state machine receives a response from the Supplicant to an initial EAP- Request, and the response is something other than EAP-NAK (i.e., rxResp becomes TRUE, causing the state machine to transition from REQUEST to RESPONSE, and the response is not an EAP-NAK). Indicates that the Supplicant can respond to the Authenticator’s chosen EAP-method.

Counts the number of times that the state machine receives an Accept message from the Authentication Server (i.e., aSuccess becomes TRUE, causing a transition from RESPONSE to SUCCESS). Indicates that the Supplicant has successfully authenticated to the Authentication Server.

Counts the number of times that the state machine receives a Reject message from the Authentication Server (i.e., aFail becomes TRUE, causing a transition from RESPONSE to FAIL). Indicates that the Supplicant has not authenticated to the Authentication Server.

This table contains information concerning the activity of the RADIUS authentication client on the client side of the RADIUS authentication protocol. It has one row for each RADIUS authentication server that the client shares a secret with.To view the RADIUS Authentication, click Monitoring > Port Access Control > RADIUS Authentication.

Figure 9- 27. RADIUS Authentication window

The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds.The default value is one second.To clear the current statistics shown, click the Clear button in the top left hand corner.

The following fields can be viewed:

	Parameter	Description
	ServerIndex	The identification number assigned to each RADIUS Authentication server that the client shares a secret with.
	InvalidServerAddr	The number of RADIUS Access-Response packets received from unknown addresses.
	Identifier	The NAS-Identifier of the RADIUS authentication client. (This is not necessarily the same as sysName in MIB
	AuthServerAddr	II.)
	AuthServerAddr	The (conceptual) table listing the RADIUS authentication servers with which the client shares a secret.
	ServerPortNumber	The UDP port the client is using to send requests to this server.
	RoundTripTime	The time interval (in hundredths of a second) between the most recent Access-Reply/Access-Challenge and the
	AccessRequests	Access-Request that matched it from this RADIUS authentication server.
	AccessRequests	The number of RADIUS Access-Request packets sent to this server.This does not include retransmissions.
	AccessRetrans	The number of RADIUS Access-Request packets retransmitted to this RADIUS authentication server.
	AccessAccepts	The number of RADIUS Access-Accept packets (valid or invalid) received from this server.
	AccessRejects	The number of RADIUS Access-Reject packets (valid or invalid) received from this server.
	AccessChallenges	The number of RADIUS Access-Challenge packets (valid or invalid) received from this server.
	AccessResponses	The number of malformed RADIUS Access-Response packets received from this server. Malformed packets
		include packets with an invalid length. Bad authenticators or Signature attributes or known types are not
		included as malformed access responses.	176
Allied Telesyn AT-9724TS High-Density Layer 3 Stackable Gigabit Ethernet Switch			176

Allied Telesis AT-9724TS specifications Radius Authentication

Models: AT-9724TS