614 Configuring AAA for network users
NN47250-500 (Version 03.01)

Clearing location policy rules and disabling the location policy

To delete a location policy rule, use the following command:
clear location policy rule-number
Type show location policy to display the numbers of configured location policy rules. To disable the location policy on
a WSS, delete all the location policy rules.

Configuring accounting for wireless network users

Accounting records come in three types: start, stop, and update. WSS Software generates these records based on the
configured accounting mode, either start-stop or stop-only:
When start-stop mode is configured, a start record is generated when a user is first connected, an update record is
generated when a user roams from one AP to another, and a stop record is generated when a user terminates his or
her session.
When stop-only mode is configured, a stop record is generated when a user terminates his or her session.
Optionally, WSS Software can be configured to send update records at periodic intervals, and also generate an
Accounting-On message when the WSS starts, and an Accounting-Off message when the WSS is administratively shut
down. This functionality can be used in conjunction with billing systems that require periodic accounting messages.
To set accounting, type the following command:
set accounting {admin | console | dot1x | mac | web | last-resort}
{ssid ssid-name | wired} {user-wildcard | mac-addr-wildcard}
{start-stop | stop-only} method1 [method2] [method3] [method4]
For example, to store start-stop accounting records at example.com for 802.1X users of SSID mycorp in the local
database, type the following command:
WSS# set accounting dot1x ssid mycorp *@example.com start-stop local
success: change accepted.
The accounting records can contain the following session information:
Start Records Update and Stop Records
Session date and time Session date and time
Location of authentication (if any):
RADIUS server (1) or local database (2) Location of authentication (if any): RADIUS server
(1) or local database (2)
ID for related sessions ID for related sessions
Username Username
Session duration Session duration
Timestamp Timestamp
VLAN name VLAN name
Client’s MAC address Client’s MAC address