Radius accounting – Allied Telesis AT-S60 User Manual

Chapter 28: 802.1x Port-based Access Control

Section V: Security Features

556

RADIUS

Accounting

The AT-S60 management software supports RADIUS accounting for
ports set to the Authenticator role. This feature allows the switch to send
information to the RADIUS server about the status of its supplicants. You
can view this information on the RADIUS server to monitor network
activity and use.

The switch sends accounting information to the RADIUS server when
one of the following events occur:

❑ Supplicant logs on

❑ Supplicant logs off

❑ A change in the status of an Authenticator port during an active

Supplicant session (for example, the port is reset or is changed
from the Authenticator role to the none role while a Supplicant is
logged on)

The information sent by the switch to the RADIUS server for an event
includes:

❑ Port number where the event occurred

❑ The date and time when the event occurred

❑ The number of packets transmitted and received by the port

during a supplicant’s session. (This information is sent only when
the client logs off.)

You can also configure the accounting feature to send interim updates
so you can monitor which clients are still active.

Here are a few guidelines to using the accounting feature:

❑ The AT-S60 management software supports the Network level of

accounting, but not the System or Exec.

❑ This feature is available for ports operating in the Authenticator

role. Accounting is not supported for ports operating in the
Supplicant or None role.

❑ You must configure 802.1x Port-based Access Control as

explained in this chapter and designate the Authenticator ports.

❑ You must also specify from one to three RADIUS servers. The

instructions for this are in Configuring RADIUS on page 547.

For instructions on configuring this feature, refer to Configuring RADIUS
Accounting on page 568.