25
secondary authentication
{ host-name | ipv4-address | ipv6
ipv6-address } [ port-number |
key { cipher | simple } string |
test-profile profile-name |
vpn-instance
vpn-instance-name | weight
weight-value ] *
feature is enabled for the RADIUS
scheme.
The
test-profile
profile-name and
weight
weight-value
options are
available in Release 1121 and
later.
Specifying the RADIUS accounting servers and the relevant parameters
You can specify one primary accounting server and a maximum of 16 secondary accounting servers
for a RADIUS scheme. When the primary server is not available, the device searches for the
secondary servers in the order they are configured. The first secondary server in active state is used
for communication.
If redundancy is not required, specify only the primary server. A RADIUS accounting server can act
as the primary accounting server for one scheme and a secondary accounting server for another
scheme at the same time.
When RADIUS server load sharing is enabled, the device distributes the workload over all servers
without considering the primary and secondary server roles. The device checks the weight value and
number of currently served users for each active server, and then determines the most appropriate
server in performance to receive an accounting request.
The device sends a stop-accounting request to the accounting server in the following situations:
• The device receives a connection teardown request from a host.
• The device receives a connection teardown command from an administrator.
When the maximum number of realtime accounting attempts is reached, the device disconnects
users who have no accounting responses.
RADIUS does not support accounting for FTP, SFTP, and SCP users.
To specify a RADIUS server by hostname in an MPLS VPN network, first complete one of the
following tasks on the device:
• Configure hostname-to-IP address mappings for the VPN by using the ip host or ipv6 host
command.
• Configure a DNS server for the VPN by using the dns server or ipv6 dns server command.
For more information about these commands, see Layer 3—IP Services Command Reference.
To specify RADIUS accounting servers and the relevant parameters for a RADIUS scheme:
1. Enter system view.
system-view
N/A
2. Enter RADIUS scheme view.
radius-scheme-name N/A
3. Specify RADIUS accounting
servers.
• Specify
accounting server:
primary accounting { host-name
| ipv4-address | ipv6
ipv6-address } [ port-number | key
{ cipher | simple } string |
vpn-instance vpn-instance-name
| weight weight-value] *
• Specify a
accounting server:
secondary accounting
By
server is specified.
Two accounting servers in a
secondary, cannot have the
hostname, IP address, port
number, and VPN.
The
weight
weight-value
option takes effect only when
To Next Page
Loading...
Need help?
General