47
2. Determine the access type or service type to be configured. With AAA, you can configure an
accounting method for each access type and service type, limiting the accounting protocols that
can be used for access.
3. Determine whether to configure an accounting method for all access types or service types.
Follow these guidelines when you configure AAA accounting methods for an ISP domain:
• If you configure the accounting optional command, the limit on the number of local user
connections is not effective.
• The accounting method specified with the accounting default command is for all types of users and
has a priority lower than that for a specific access type.
• If you specify the radius-scheme radius-scheme-name local or hwtacacs-scheme
hwtacacs-scheme-name local option when you configure an accounting method, local accounting
is the backup method and is used only when the remote server is not available.
• If you specify only the local or none keyword in an accounting method configuration command, the
switch has no backup accounting method and performs only local accounting or does not perform
any accounting.
• Accounting is not supported for FTP services.
To configure AAA accounting methods for an ISP domain:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter ISP domain view.
domain isp-name N/A
3. Enable the accounting
optional feature.
accounting optional
Optional.
Disabled by default.
With the accounting optional
feature, a switch allows users to
use network resources when no
accounting server is available
or communication with all
accounting servers fails.
4. Specify the default accounting
method for all types of users.
accounting default { hwtacacs-scheme
hwtacacs-scheme-name [ local ] | local
| none | radius-scheme
radius-scheme-name [ local ] }
Optional.
The default accounting method
is local for all types of users.
5. Specify the command
accounting method.
accounting command
hwtacacs-scheme
hwtacacs-scheme-name
Optional.
The default accounting method
is used by default.
6. Specify the accounting
method for LAN users.
accounting lan-access { local | none |
radius-scheme radius-scheme-name
[ local | none ] }
Optional.
The default accounting method
is used by default.
7. Specify the accounting
method for login users.
accounting login { hwtacacs-scheme
hwtacacs-scheme-name [ local ] | local
| none | radius-scheme
radius-scheme-name [ local ] }
Optional.
The default accounting method
is used by default.
To Next Page
Loading...
Need help?
General