3com 4210 PWR 9-Port 3CR17341-91-ME User Manual
Product codes
3CR17341-91-ME
RADIUS Configuration Task List
261
Enabling Sending Trap
Message when a
RADIUS Server Goes
Down
n
■
This configuration takes effect on all RADIUS schemes.
■
The switch considers a RADIUS server as being down if it has tried the
configured maximum times to send a message to the RADIUS server but does
not receive any response.
configured maximum times to send a message to the RADIUS server but does
not receive any response.
Enabling the User
Re-Authentication at
Restart Function
n
The user re-authentication at restart function applies only to the environment
where the RADIUS authentication/authorization and accounting server is CAMS.
where the RADIUS authentication/authorization and accounting server is CAMS.
In an environment that a CAMS server is used to implement AAA functions, if the
switch reboots after an exclusive user (a user whose concurrent online number is
set to 1 on the CAMS) gets authenticated and authorized and begins being
charged, the switch will give a prompt that the user has already been online when
the user re-logs into the network before the CAMS performs online user
detection, and the user cannot get authenticated. In this case, the user can access
the network again only when the CAMS administrator manually removes the
user’s online information.
switch reboots after an exclusive user (a user whose concurrent online number is
set to 1 on the CAMS) gets authenticated and authorized and begins being
charged, the switch will give a prompt that the user has already been online when
the user re-logs into the network before the CAMS performs online user
detection, and the user cannot get authenticated. In this case, the user can access
the network again only when the CAMS administrator manually removes the
user’s online information.
The user re-authentication at restart function is designed to resolve this problem.
After this function is enabled, every time the switch restarts:
After this function is enabled, every time the switch restarts:
1 The switch generates an Accounting-On message, which mainly contains the
following information: NAS-ID, NAS-IP-address (source IP address), and session ID.
2 The switch sends the Accounting-On message to the CAMS at regular intervals.
3 Once the CAMS receives the Accounting-On message, it sends a response to the
switch. At the same time it finds and deletes the original online information of the
users who were accessing the network through the switch before the restart
according to the information (NAS-ID, NAS-IP-address and session ID) contained in
the message, and ends the accounting for the users depending on the last
accounting update message.
users who were accessing the network through the switch before the restart
according to the information (NAS-ID, NAS-IP-address and session ID) contained in
the message, and ends the accounting for the users depending on the last
accounting update message.
4 Once the switch receives the response from the CAMS, it stops sending
Accounting-On messages.
5 If the switch does not receive any response from the CAMS after it has tried the
configured maximum number of times to send the Accounting-On message, it will
not send the Accounting-On message any more.
not send the Accounting-On message any more.
n
The switch can automatically generate the main attributes (NAS-ID,
NAS-IP-address and session ID) contained in Accounting-On messages. However,
you can also manually configure the NAS-IP-address with the nas-ip command. If
NAS-IP-address and session ID) contained in Accounting-On messages. However,
you can also manually configure the NAS-IP-address with the nas-ip command. If
Table 200 Specify to send trap message when a RADIUS server goes down
Operation
Command
Remarks
Enter system view
system-view
-
Enable the sending of trap
message when a RADIUS
server is down
message when a RADIUS
server is down
radius trap {
authentication-server-dow
n | accounting-server-down
}
authentication-server-dow
n | accounting-server-down
}
Optional
By default, the switch does
not send trap message when
a RADIUS server is down.
not send trap message when
a RADIUS server is down.