RADIUS Authentication and Accounting
Configuring RADIUS Accounting
The switch forwards the accounting information it collects to the designated RADIUS server, where the information is formatted, stored, and managed by the server. For more information on this aspect of RADIUS accounting, refer to the documentation provided with your RADIUS server.
Operating Rules for RADIUS Accounting
■You can configure up to three types of accounting to run simulta- neously: exec, system, and network.
■RADIUS servers used for accounting are also used for authentication.
■The switch must be configured to access at least one RADIUS server.
■RADIUS servers are accessed in the order in which their IP addresses were configured in the switch. Use show radius to view the order. As long as the first server is accessible and responding to authentication requests from the switch, a second or third server will not be accessed. (For more on this topic, refer to “Changing
■If access to a RADIUS server fails during a session, but after the client has been authenticated, the switch continues to assume the server is available to receive accounting data. Thus, if server access fails during a session, it will not receive accounting data transmitted from the switch.
Steps for Configuring RADIUS Accounting
1.Configure the switch for accessing a RADIUS server.
You can configure a list of up to three RADIUS servers (one primary, two backup). The switch operates on the assumption that a server can operate in both accounting and authentication mode. (Refer to the documentation for your RADIUS server application.)
•Use the same
•Provide the following:
–A RADIUS server IP address.
–