Cisco Cisco NAC Appliance 4.1.0
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 7 User Management: Configuring Auth Servers
RADIUS Accounting
NAS-Port – The NAS-Port value to be sent with all RADIUS accounting packets.
NAS-Port-Type –The NAS-Port-Type value to be sent with all RADIUS accounting packets.
Enable Failover – This enables sending a second accounting packet to a RADIUS failover peer
IP if the primary RADIUS accounting server’s response times out.
IP if the primary RADIUS accounting server’s response times out.
Failover Peer IP – The IP address of the failover RADIUS accounting server.
4.
Click Update to update the server configuration.
Restore Factory Default Settings
The Clean Access Manager can be restored to the factory default accounting configuration as follows:
1.
Go to Administration > Backup to backup your database before restoring default settings.
2.
Go to User Management > Auth Servers > Accounting > Server Config
3.
Click the Reset Events to Factory Default button to remove the user configuration and replace it
with the Clean Access Manager default accounting configuration.
with the Clean Access Manager default accounting configuration.
4.
Click OK in the confirmation dialog that appears.
Add Data to Login, Logout or Shared Events
For greater control over the data that is sent in accounting packets, you can add or customize the
RADIUS accounting data that is sent for login events, logout events, or shared events (data sent for both
login and logout events).
RADIUS accounting data that is sent for login events, logout events, or shared events (data sent for both
login and logout events).
Data Fields
The following data fields apply to all events (login, logout, shared):
•
Current Time (Unix Seconds)—The time the event occurred
•
Login Time (Unix Seconds)—The time the user logged on.
•
CA Manager IP—IP address of the Clean Access Manager
•
Current Time (DTF)— Current time in date time format (DTF)
•
OS Name— Operating system of the user
•
Vlan ID— VLAN ID with which the user session was created.
•
User Role Description—Description of the user role of the user
•
User Role Name—Name of the user role of the user
•
User Role ID—Role ID that uniquely identifies the user role.
•
CA Server IP— IP of the Clean Access Server the user logged into.
•
CA Server Description— Description of the Clean Access Server the user logged into.
•
CA Server Key— Key of the Clean Access Server.
•
Provider Name— Authentication provider of the user
•
Login Time (DTF)—Login time of the user in date time format (DTF)
•
User MAC—MAC address of the user
•
User IP—IP address of the user