Radius accounting – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

RADIUS Introduction and Configuration

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

46.7

Figure 46-4: Example showing RADIUS Proxy

RADIUS Accounting

There are only two types of RADIUS accounting packet: Accounting-Request and
Accounting-Response

.

The Accounting-Request packets are always sent from the NAS to the server. The
Accounting-Response

packets are always sent from the server to the NAS, and are

effectively ACKs of the Accounting-Request packets.

The Accounting-Request packets always carry the attribute Acct-Status-Type.
The most commonly used values of this attribute are:

■

Start – which denotes a packet marking that a session is beginning

■

Stop – which denotes a packet marking that a session is ending

■

Interim update – packets sent periodically during the session to give update reports
on the statistics that are being collected.

The statistics that can be exchanged in the session are:

■

Input Octets

■

Input Packets

■

Output Octets

■

Output Packets

■

Session Duration

There is no requirement to exchange all these statistics – NAS implementations are at
liberty to choose which statistics they will send. Each of these statistics has a
corresponding attribute type. The attributes are sent in Interim-Update and Stop
accounting request packets.

RADIUS proxy

Internet

LAN switch

LAN switch

RADIUS server
holding VPN
user database

RADIUS server
holding 802.1x
user database

RADIUS server
holding device
management user
database

NetAdmin requesting
management access

Remote VPN clients

802.1x supplicants

VPN access
concentrator