3com 8807 User Guide
254
C
HAPTER
26: AAA
AND
RADIUS/HWTACACS P
ROTOCOL
C
ONFIGURATION
By default, the state of each server in RADIUS scheme server group is active.
Setting the Username
Format Transmitted to
RADIUS Server
As mentioned above, the supplicants are generally named in userid@isp-name
format. The part following "@" is the ISP domain name. 3Com Series Switches will
put the users into different ISP domains according to the domain names. However,
some earlier RADIUS servers reject the username including ISP domain name. In
this case, you have to remove the domain name before sending the username to
the RADIUS server. The following command of switch decides whether the
username to be sent to RADIUS server carries ISP domain name or not.
format. The part following "@" is the ISP domain name. 3Com Series Switches will
put the users into different ISP domains according to the domain names. However,
some earlier RADIUS servers reject the username including ISP domain name. In
this case, you have to remove the domain name before sending the username to
the RADIUS server. The following command of switch decides whether the
username to be sent to RADIUS server carries ISP domain name or not.
Perform the following configuration in RADIUS scheme view.
n
If a RADIUS scheme is configured not to allow usernames including ISP domain
names, the RADIUS scheme shall not be simultaneously used in more than one ISP
domain. Otherwise, the RADIUS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username (excluding
their respective domain names.)
names, the RADIUS scheme shall not be simultaneously used in more than one ISP
domain. Otherwise, the RADIUS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username (excluding
their respective domain names.)
By default, as for the newly created RADIUS scheme, the username sent to
RADIUS servers includes an ISP domain name; as for the "system" RADIUS scheme
created by the system, the username sent to RADIUS servers excludes the ISP
domain name.
RADIUS servers includes an ISP domain name; as for the "system" RADIUS scheme
created by the system, the username sent to RADIUS servers excludes the ISP
domain name.
Setting the Unit of Data
Flow that Transmitted to
RADIUS Server
The following command defines the unit of the data flow sent to RADIUS server.
Perform the following configuration in RADIUS scheme view.
By default, the default data unit is byte and the default data packet unit is one
packet.
packet.
Set the state of secondary RADIUS sever
state secondary{ accounting |
authentication } { block | active }
authentication } { block | active }
Table 223 Set RADIUS server state
Operation Command
Table 224 Set the username format transmitted to RADIUS server
Operation
Command
Set Username Format Transmitted to RADIUS
Server
Server
user-name-format { with-domain |
without-domain }
without-domain }
Table 225 Set the unit of data flow transmitted to RADIUS server
Operation
Command
Set the unit of data flow
transmitted to RADIUS server
transmitted to RADIUS server
data-flow-format { data { byte | giga-byte | kilo-byte |
mega-byte } } | { packet { giga-byte | kilo-byte | mega-byte
| one-packet } }
mega-byte } } | { packet { giga-byte | kilo-byte | mega-byte
| one-packet } }
Restore the unit to the default
setting
setting
undo data-flow-format