beautypg.com

Fips compliance, Aaa configuration considerations and task list – H3C Technologies H3C S6300 Series Switches User Manual

Page 31

background image

16

No. Sub-attribute

Description

26

Connect_ID

Index of the user connection.

28 Ftp_Directory

FTP, SFTP, or SCP user working directory.
When the RADIUS client acts as the FTP, SFTP, or SCP server, this
attribute is used to set the working directory for an FTP, SFTP, or SCP user

on the RADIUS client.

29

Exec_Privilege

EXEC user priority.

59 NAS_Startup_Timestamp

Startup time of the NAS in seconds, which is represented by the time
elapsed after 00:00:00 on Jan. 1, 1970 (UTC).

60 Ip_Host_Addr

User IP address and MAC address included in authentication and
accounting requests, in the format A.B.C.D hh:hh:hh:hh:hh:hh. A space

is required between the IP address and the MAC address.

61

User_Notify

Information that must be sent from the server to the client transparently.

62 User_HeartBeat

Hash value assigned after an 802.1X user passes authentication, which
is a 32-byte string. This attribute is stored in the user list on the NAS and

verifies the handshake packets from the 802.1X user. This attribute only

exists in Access-Accept and Accounting-Request packets.

140 User_Group

User groups assigned after the SSL VPN user passes authentication. A
user can belong to multiple user groups that are separated by
semi-colons. This attribute is used to work with the SSL VPN device.

141 Security_Level

Security level assigned after the SSL VPN user passes security
authentication.

201

Input-Interval-Octets

Number of bytes input within a real-time accounting interval.

202 Output-Interval-Octets

Number of bytes output within a real-time accounting interval.

203 Input-Interval-Packets

Number of packets input within an accounting interval in the unit set on
the NAS.

204 Output-Interval-Packets

Number of packets output within an accounting interval in the unit set on
the NAS.

205

Input-Interval-Gigawords

Amount of bytes input within an accounting interval, in units of 4G bytes.

206 Output-Interval-Gigawords

Amount of bytes output within an accounting interval, in units of 4G
bytes.

207 Backup-NAS-IP

Backup

source IP address for sending RADIUS packets.

255 Product_ID

Product

name.

FIPS compliance

The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,

commands, and parameters might differ in FIPS mode (see "

Configuring FIPS

") and non-FIPS mode.

AAA configuration considerations and task list

To configure AAA, complete these tasks on the NAS:

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: