Chapter 56 AAA
GS1920v2 Series User’s Guide
352
56.5 Technical Reference
This section provides technical background information on the topics discussed in this chapter.
56.5.1 Vendor Specific Attribute
RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server
and a network access device (for example, the Switch). A company can create Vendor Specific
Attributes (VSAs) to expand the functionality of a RADIUS server.
The Switch supports VSAs that allow you to perform the following actions based on user authentication:
• Limit bandwidth on incoming or outgoing traffic for the port the user connects to.
• Assign account privilege levels (See the CLI Reference Guide for more information on account
privilege levels) for the authenticated user.
The VSAs are composed of the following:
• Vendor-ID: An identification number assigned to the company by the IANA (Internet Assigned
Numbers Authority). Zyxel’s vendor ID is 890.
• Vendor-Type: A vendor specified attribute, identifying the setting you want to modify.
• Vendor-data: A value you want to assign to the setting.
Note: Refer to the documentation that comes with your RADIUS server on how to configure
VSAs for users authenticating through the RADIUS server.
The following table describes the VSAs supported on the Switch.
Mode The Switch supports two modes of recording login events. Select:
• start-stop – to have the Switch send information to the accounting server when a user begins
a session, during a user’s session (if it lasts past the Update Period), and when a user ends a
session.
• stop-only – to have the Switch send information to the accounting server only when a user
ends a session.
Method Select whether you want to use radius or tacacs+ for accounting of specific types of events.
tacacs+ is the only method for recording Commands type of event.
Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these
changes if it is turned off or loses power, so use the Save link on the top navigation panel to
save your changes to the non-volatile memory when you are done configuring.
Cancel Click Cancel to begin configuring this screen afresh.
Table 196 SECURITY > AAA > AAA Setup (continued)
LABEL DESCRIPTION
To Next Page
Loading...
