3com WX3000 Manual De Usuario
2-12
To do…
Use the command…
Remarks
Set the IP address and port
number of the secondary
RADIUS accounting server
number of the secondary
RADIUS accounting server
secondary accounting
ip-address [ port-number ]
ip-address [ port-number ]
Optional
By default, the IP address and
UDP port number of the
secondary accounting server
are 0.0.0.0 and 1813 for a
newly created RADIUS
scheme.
UDP port number of the
secondary accounting server
are 0.0.0.0 and 1813 for a
newly created RADIUS
scheme.
Enable stop-accounting
request buffering
request buffering
stop-accounting-buffer
enable
enable
Optional
By default, stop-accounting
request buffering is enabled.
request buffering is enabled.
Set the maximum number of
transmission attempts of a
buffered stop-accounting
request.
transmission attempts of a
buffered stop-accounting
request.
retry stop-accounting
retry-times
retry-times
Optional
By default, the system tries at
most 500 times to transmit a
buffered stop-accounting
request.
most 500 times to transmit a
buffered stop-accounting
request.
Set the maximum allowed
number of continuous real-time
accounting failures
number of continuous real-time
accounting failures
retry realtime-accounting
retry-times
retry-times
Optional
By default, the maximum
allowed number of continuous
real-time accounting failures is
five. If five continuous failures
occur, the device cuts down the
user connection.
allowed number of continuous
real-time accounting failures is
five. If five continuous failures
occur, the device cuts down the
user connection.
z
In an actual network environment, you can specify one server as both the primary and secondary
accounting servers, as well as specifying two RADIUS servers as the primary and secondary
accounting servers respectively. In addition, because RADIUS adopts different UDP ports to
exchange authentication/authorization messages and accounting messages, you must set a port
number for accounting different from that set for authentication/authorization.
z
With stop-accounting request buffering enabled, the device first buffers the stop-accounting
request that gets no response from the RADIUS accounting server, and then retransmits the
request to the RADIUS accounting server until it gets a response, or the maximum number of
transmission attempts is reached (in this case, it discards the request).
z
You can set the maximum allowed number of continuous real-time accounting failures. If the
number of continuously failed real-time accounting requests to the RADIUS server reaches the set
maximum number, the device cuts down the user connection.
z
The IP address and port number of the primary accounting server of the default RADIUS scheme
"system" are 127.0.0.1 and 1646 respectively.
z
Currently, RADIUS does not support the accounting of FTP users.
Configuring Shared Keys for RADIUS Messages
Both RADIUS client and server adopt MD5 algorithm to encrypt RADIUS messages before they are
exchanged between the two parties. The two parties verify the validity of the RADIUS messages