beautypg.com

Radius accounting, Radius accounting -46, Advanced configuration radius accounting – HP ProCurve 520wl Wireless Access Point User Manual

Page 88

background image

Advanced Configuration

RADIUS Accounting

Using an external RADIUS server, the AP can track and record the length of client sessions on the access point by
sending RADIUS accounting messages per RFC2866. When a wireless client is successfully authenticated, RADIUS
accounting is initiated by sending an “Accounting Start” request to the RADIUS server. When the wireless client
session ends, an “Accounting Stop” request is sent to the RADIUS server.

Session Length

Accounting sessions continue when a client reauthenticates to the same AP. Sessions are terminated when:
• A client disassociates.
• A client does not transmit any data to the AP for a fixed amount of time.
• A client is detected on a different interface.
If the client roams from one AP to another, one session is terminated and a new session is begun.

NOTE

This feature requires RADIUS authentication using MAC Access Control or 802.1x. Wireless clients
configured in the Access Point’s static MAC Access Control list are not tracked.

Configuring RADIUS Accounting

Follow these steps to enable RADIUS accounting on the AP:
1. Within the RADIUS Accounting Configuration screen, place a check mark in the Enable RADIUS Accounting

box to turn on this feature.

2. Place a check mark in the box labeled Enable Primary RADIUS Accounting Server.
3. If you want to configure a back-up RADIUS server, place a check mark in the box labeled Enable Back-up

RADIUS Accounting Server.

4. Enter the session timeout interval in minutes within the Accounting Inactivity Timer field. An accounting session

automatically ends for a client that is idle for the period of time specified. Range is 1-60 minutes; default is
5 minutes.

5. Select a Server Addressing Format type (IP Address or Name).

If you want to identify RADIUS servers by name, you must configure the Access Point as a DNS Client. See

DNS Client

for details.

6. Enter the server’s IP address or name in the field provided.
7. Enter the port number which the AP and the server will use to communicate. By default, RADIUS accounting uses

port 1813.

8. Enter the Shared Secret in the Shared Secret and Confirm Shared Secret field. This is a password shared by the

RADIUS server and the AP. The same password must also be configured on the RADIUS server.

9. Enter the maximum time, in seconds, that the AP should wait for the RADIUS server to respond to a request in the

Response Time field. Range is 1-10 seconds; default is 3 seconds.

10. Enter the maximum number of times an authentication request may be retransmitted in the Maximum

Retransmissions field. Range is 1-4; default is 3.

11. If you are configuring a back-up server, repeat Steps 5 through 10 for the back-up server.
12. Click OK to save your changes.
13. Reboot the AP device for these changes to take effect.

4-46