262 CHAPTER 21: AAA CONFIGURATION
you choose to manually configure the attribute, be sure to configure an
appropriate valid IP address. If this attribute is not configured, the switch will
automatically choose the IP address of a VLAN interface as the NAS-IP-address.
Displaying and
Maintaining AAA
After the above configurations, you can execute the display commands in any
view to view the configuration result and operation status of AAA, RADIUS and
HWTACACS and verify your configuration.
You can use the reset command in user view to clear the corresponding statistics.
Tabl e 201 Enable the user re-authentication at restart function
Operation Command Remarks
Enter system view system-view -
Enter RADIUS scheme view radius scheme
radius-scheme-name
-
Enable the user
re-authentication at restart
function
accounting-on enable [
send times | interval interval
]
By default, this function is
disabled.
If you use this command
without any parameter, the
system will try at most 15
times to send an
Accounting-On message at
the interval of three seconds.
Tabl e 202 Display AAA information
Operation Command Remarks
Display configuration
information about one
specific or all ISP domains
display domain [ isp-name ] You can execute the display
command in any view.
Display information about
user connections
display connection [
access-type { dot1x |
mac-authentication } |
domain isp-name | interface
interface-type
interface-number | ip
ip-address | mac mac-address
| radius-scheme
radius-scheme-name | vlan
vlan-id | ucibindex ucib-index
| user-name user-name ]
Display information about
local users
display local-user [ domain
isp-name | idle-cut { disable |
enable } | vlan vlan-id |
service-type { ftp |
lan-access | ssh | telnet |
terminal } | state { active |
block } | user-name
user-name ]
To Next Page
Loading...
