Enhancements in Release F.04.08

Configuring RADIUS Authentication and Accounting

Because the radius-server command includes an acct-portelement with a non-default 1750, the switch assigns this value to the accounting port UDP port numbers. Because auth-port was not included in the command, the authentication UDP port is set to the default 1812.

Figure 47. Example of Configuring for a RADIUS Server with a Non-Default Accounting UDP Port Number

The radius-server command as shown in figure 47, above, configures the switch to use a RADIUS server at IP address 10.33.18.151, with a (non-default) UDP accounting port of 1750, and a server- specific key of "source0151".

2.Configure the Types of Accounting You Want the Switch to Perform, and the Controls for Sending Accounting Reports from the Switch to the RADIUS Server

Select the Accounting Type(s):

Exec: Use exec if you want to collect accounting information on login sessions on the switch via the console, Telnet, or SSH. (See also “Accounting” on page 103.)

System: Use system if you want to collect accounting data when:A system boot or reload occursSystem accounting is turned on or off

Note that there is no timespan associated with using the system option. It simply causes the switch to transmit whatever accounting data it currently has when one of the above events occurs.

Network: Use Network if you want to collect accounting information on 802.1X port-based- access users connected to the physical ports on the switch to access the network. (See also “Accounting” on page 103.) For information on this feature, refer to “Configuring Port-Based Access Control (802.1X)” on page 29.

119