Radius accounting, Aaa operations for radius – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 136
102
Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring RADIUS security
RADIUS accounting
RADIUS accounting works as follows.
1. One of the following events occur on the device:
•
A user logs into the management interface using Telnet or SSH
•
A user enters a command for which accounting has been configured
•
A system event occurs, such as a reboot or reloading of the configuration file
2. The device checks its configuration to see if the event is one for which RADIUS accounting is
required.
3. If the event requires RADIUS accounting, the device sends a RADIUS Accounting Start packet
to the RADIUS accounting server, containing information about the event.
4. The RADIUS accounting server acknowledges the Accounting Start packet.
5. The RADIUS accounting server records information about the event.
6. When the event is concluded, the device sends an Accounting Stop packet to the RADIUS
accounting server.
7. The RADIUS accounting server acknowledges the Accounting Stop packet.
AAA operations for RADIUS
The following table lists the sequence of authentication, authorization, and accounting operations
that take place when a user gains access to a device that has RADIUS security configured.
TABLE 23
User action
Applicable AAA operations
User attempts to gain access to the
Privileged EXEC and CONFIG levels
of the CLI
Enable authentication:
aaa authentication enable default
System accounting start:
aaa accounting system default start-stop
User logs in using Telnet/SSH
Login authentication:
aaa authentication login default
EXEC accounting Start:
aaa accounting exec default start-stop
aaa accounting system default start-stop
User logs out of Telnet/SSH
session
Command authorization for logout command:
aaa authorization commands
Command accounting:
aaa accounting commands
aaa accounting exec default start-stop