258 CHAPTER 21: AAA CONFIGURATION
Configuring the
Attributes of Data to be
Sent to RADIUS Servers
n
■ Generally, the access users are named in the userid@isp-name format. Here,
isp-name after the "@" character represents the ISP domain name, by which
the device determines which ISP domain a user belongs to. However, some old
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Set the status of the primary
RADIUS
authentication/authorization
server
state primary
authentication { block |
active }
Optional
By default, the primary
RADIUS servers in the default
RADIUS scheme "system" are
in the active state, the
secondary servers in the
scheme are in the block state,
and all RADIUS servers in all
other RADIUS schemes are in
the block state.
Set the status of the primary
RADIUS accounting server
state primary accounting {
block | active }
Set the status of the
secondary RADIUS
authentication/authorization
server
state secondary
authentication { block |
active }
Set the status of the
secondary RADIUS accounting
server
state secondary accounting
{ block | active }
Table 196 Set the status of RADIUS servers
Operation Command Remarks
Tabl e 197 Configure the attributes of data to be sent to RADIUS servers
Operation Command Remarks
Enter system view system-view -
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Set the format of the user
names to be sent to RADIUS
server
user-name-format {
with-domain |
without-domain }
Optional
By default, the user names
sent from the switch to
RADIUS server carry ISP
domain names.
Set the units of data flows to
RADIUS servers
data-flow-format data {
byte | giga-byte | kilo-byte |
mega-byte } packet {
giga-packet | kilo-packet |
mega- packet | one-packet }
Optional
By default, in a RADIUS
scheme, the data unit and
packet unit for outgoing
RADIUS flows are byte and
one-packet respectively.
Set the MAC address format
of the Calling-Station-Id (Type
31) field in RADIUS packets
calling-station-id mode {
mode1 | mode2 } {
lowercase | uppercase }
Optional
By default, the MAC address
format is XXXX-XXXX-XXXX,
in lowercase.
Set the source IP address of
outgoing RADIUS messages
RADIUS scheme view
nas-ip ip-address
Optional
By default, no source IP
address is set; and the IP
address of the corresponding
outbound interface is used as
the source IP address.
System view
radius nas-ip ip-address
To Next Page
Loading...
