Ruijie RG-S2900G-E Series

To Next Page

To Previous Page

Configuration Guide 802.1x Configuration

Configuring 802.1x Accounting

Our 802.1x has implemented the accounting function. Accounting is based on interval. In other words, the 802.1x records

the length of the period between the first successful authentication of the user and the user’s logoff or when the switch

detects user disconnection.

After the first successful user authentication, the switch sends an accounting start request to the server. When the user

gets off-line or the switch finds that the user has got off line or when the physical connection of the user is broken, the

switch sends an accounting end request to the server. The server group records this information in the database of the

server group. Based on such information, the NMS can provide the basis for accounting.

Our 802.1x stresses the reliability of accounting, and it specially supports the backup accounting server to avoid failures of

the accounting server. When a server can no longer provide the accounting service due to various reasons, the switch will

automatically forward the accounting information to another backup server. This greatly improves the reliability of

accounting.

When a user exits by itself, the accounting duration is accurate. When the connection of the user is broken by accident,

the accounting accuracy depends on the re-authentication interval (the switch detects the disconnection of a user by using

the re-authentication mechanism).

To enable the accounting function of the device, the following settings are necessary on the device:

 On the Radius Server, register the switch as a Radius Client, like the authentication operation.

 Set the IP address of the accounting server.

 Set the accounting UDP port.

 Enable the accounting service on the precondition that the 802.1x has been enabled.

In the privileged EXEC mode, you can set the accounting service by performing the following steps:

Command

Function

Ruijie(config)#aaa new-model

Enable the AAA function

Ruijie(config)#aaa group server radius gs

Configure the accounting server group.

Ruijie(config-gs-radius)#server address acct-port port-id

Add a server to the server group.

aaa accounting network acct start-stop group gs

Configure the accounting method list.

Ruijie(config-gs-radius)# dot1x accounting acct

Apply the accounting method list for the 802.1X.

Ruijie#show running-config

Show the configuration.

The no aaa accounting network command deletes the accounting method list. The no dot1x accounting command

restores the default dot1x accounting method. The following example sets the IP address of the accounting server to

192.1.1.1, that of the backup accounting server to 192.1.1.2, and the UDP port of the accounting server to 1200, and

enables 802.1x accounting:

Ruijie# configure terminal

Ruijie(config)# aaa new-model

Ruijie(config)# aaa group server radius acct-use

Ruijie(config-gs-radius)# server 192.168.4.12 acct-port 1200

Ruijie(config-gs-radius)# server 192.168.4.13 acct-port 1200

Ruijie(config-gs-radius)# exit

Ruijie(config)# aaa accounting network acct-list start-stop group acct-use

Main Page

Ruijie RG-S2900G-E Series - Page 518

Table of Contents

Related product manuals