RADIUS Authentication, Authorization, and Accounting

Configuring RADIUS Accounting

Configuring RADIUS Accounting

RADIUS Accounting Commands

Page

[no] radius-server host < ip-address>

5-40

[acct-port < port-number>]

5-40

[key < key-string >]

5-40

[no] aaa accounting < exec network system commands>

5-44

< start-stop stop-only> radius

 

[no] aaa accounting update

5-44

periodic < 1 - 525600 > (in minutes)

 

[no] aaa accounting suppress null-username

5-44

show accounting

5-49

show accounting sessions

5-50

show radius accounting

5-50

 

 

Note

This section assumes you have already:

 

 

 

Configured RADIUS authentication on the switch for one or more

 

access methods

 

 

 

 

 

Configured one or more RADIUS servers to support the switch

 

If you have not already done so, refer to “General RADIUS Setup Procedure”

 

on page 5-7before continuing here.

 

 

 

RADIUS accounting collects data about user activity and system events and

 

 

sends it to a RADIUS server when specified events occur on the switch, such

 

as a logoff or a reboot. The switches covered in this guide support four types

 

of accounting services:

 

 

 

 

 

Network accounting: Provides records containing the information

 

listed below on clients directly connected to the switch and operating

 

under Port-Based Access Control (802.1X):

 

 

 

Acct-Authentic

Acct-Session-Id

MS-RAS-Vendor

 

Acct-Delay-Time

Acct-Session-Time

NAS-Identifier

 

Acct-Input-Octets

Acct-Status-Type

NAS-IP-Address

 

Acct-Input-Packets

Acct-Terminate-Cause

NAS-Port

 

Acct-Output-Octets

Called-Station-Id

Service-Type

 

Acct-Output-Packets

HP-acct-terminate-

Username

 

 

 

 

cause

 

 

5-37