H3C Technologies H3C S12500-X Series Switches User Manual

26

Step Command

Remarks

3.

Specify a VPN for the RADIUS
scheme.

vpn-instance vpn-instance-name

By default, a RADIUS scheme
belongs to the public network.

361B

Setting the username format and traffic statistics units

A username is typically in the format userid@isp-name, where isp-name represents the user's ISP domain

name. By default, the ISP domain name is included in a username. However, older RADIUS servers might

not recognize usernames that contain the ISP domain names. In this case, you can configure the device

to remove the domain name of each username to be sent.
For correct identification of users, do not configure the device to remove the ISP domain names from
usernames for the RADIUS scheme that is referenced by two or more ISP domains.
The device reports online user traffic statistics in accounting packets. The traffic measurement units are

configurable, but they must be the same as configured on the RADIUS accounting servers.
To set the username format and the traffic statistics units for a RADIUS scheme:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RADIUS scheme view.

radius scheme
radius-scheme-name

N/A

3.

Set the format for usernames
sent to the RADIUS servers.

user-name-format { keep-original
| with-domain | without-domain }

Optional.
By default, the ISP domain name is

included in a username.

4.

Set the data flow and packet
measurement units for traffic

statistics.

data-flow-format { data { byte |
giga-byte | kilo-byte |
mega-byte } | packet

{ giga-packet | kilo-packet |

mega-packet | one-packet } }*

Optional.
By default, traffic is counted in

bytes and packets.

362B

Setting the maximum number of RADIUS request transmission attempts

RADIUS uses UDP packets to transfer data. Because UDP communication is not reliable, RADIUS uses a
retransmission mechanism to improve reliability. If a NAS sends a RADIUS request to a RADIUS server

but does not receive a response before the response timeout timer (defined by the timer response-timeout

command) expires, the NAS retransmits the request. If the number of transmission attempts exceeds the

specified limit but the NAS still does not receive a response, it tries to communicate with other RADIUS
servers in active state. If no other servers are in active state at the time, the NAS considers the

authentication or accounting attempt a failure. For more information about the RADIUS server response

timeout timer, see "

719H

Setting RADIUS timers

."

To set the maximum number of RADIUS request transmission attempts:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RADIUS scheme view.

radius scheme
radius-scheme-name

N/A

3.

Set the maximum number of RADIUS
request transmission attempts.

retry retry-times

The default setting is 3.