Chapter 4 Authentication and Accounting

RADIUS Accounting Records

Service Connection and Termination

SSG also sends a RADIUS accounting-request record to the local RADIUS server when a user accesses or terminates a service. The Acct-Status-Type attribute included in the accounting-request record indicates whether the accounting-request marks the start of the user service or the end of the service.

When a user accesses a service, SSG sends an accounting-start record to RADIUS. When a user terminates a service, SSG sends an accounting-stop record.

Configuration Examples for Service Connection and Termination

Example 4-5shows the information contained in an accounting-start record for service access.

Example 4-5 RADIUS Accounting-Start Record for Service Access

User-Name = "username"

Acct-Status-Type = Start

Acct-Authentic = RADIUS

Service-Type = Framed

Acct-Session-Id = "00000010"

Framed-Protocol = PPP

Service-Info = "Nisp-name.com"

Service-Info = "Uusername"

Service-Info = "TP"

Acct-Delay-Time = 0

The following list describes some of the attributes included in the record. For more information, refer to the Service Section Gateway, Release 12.2(15)B feature module.

Acct-Status-Type—Indicates that the accounting-request marks the start of the user service.

Service-Type—Indicates the type of service requested or the type of service to be provided. PPP and SLIP connections use the service type.

Service-Info—Indicates the following:

Nname—Indicates the name of the service profile.

Uname—Indicates the username used to authenticate the user with the remote RADIUS server. This attribute is used for proxy services.

Ttype—Indicates whether the connection is proxy (X), tunnel (T), or passthrough (P).

Cisco 10000 Series Router Service Selection Gateway Configuration Guide

 

OL-4387-02

4-3

 

 

 

Page 33
Image 33
Cisco Systems OL-4387-02 manual Service Connection and Termination