beautypg.com

Enabling the radius trap function – H3C Technologies H3C S5120 Series Switches User Manual

Page 430

background image

1-24

To do…

Use the command…

Remarks

Enter system view

system-view

Enter RADIUS scheme view

radius scheme
radius-scheme-name

Specify the format of the
username to be sent to a
RADIUS server

user-name-format
{ keep-original

|

with-domain |

without-domain }

Optional

By default, the ISP domain
name is included in the
username.

Specify the unit for data flows or
packets to be sent to a RADIUS
server

data-flow-format { data { byte
| giga-byte | kilo-byte |
mega-byte } | packet
{ giga-packet | kilo-packet |
mega-packet | one-packet } }*

Optional

The defaults are as follows:

byte for data flows, and
one-packet for data packets.

z

Some earlier RADIUS servers cannot recognize usernames that contain an ISP domain name. In

this case, the device must remove the domain name before sending a username including a

domain name. You can configure the user-name-format without-domain command on the

device for this purpose.

z

If a RADIUS scheme defines that the username is sent without the ISP domain name, do not apply

the RADIUS scheme to more than one ISP domain. Otherwise, users using the same username

but in different ISP domains will be considered the same user.

z

The unit of data flows sent to the RADIUS server must be consistent with the traffic statistics unit of

the RADIUS server. Otherwise, accounting cannot be performed correctly.

Enabling the RADIUS Trap Function

If a NAS sends an accounting or authentication request to the RADIUS server but gets no response, the

NAS retransmits the request. With the RADIUS trap function enabled, when the NAS transmits the

request for half of the specified maximum number of transmission attempts, it sends a trap message;

when the NAS transmits the request for the specified maximum number of transmission attempts, it

sends another trap message.

Follow these steps to enable the RADIUS trap function:

To do…

Use the command…

Remarks

Enter system view

system-view

Enable the RADIUS trap
function

radius trap
{ accounting-server-down |
authentication-server-down }

Required

Disabled by default

Specifying the Source IP Address for RADIUS Packets to Be Sent

After you specify the source IP address for RADIUS packets to be sent, if the physical interface for

sending the RADIUS packets fails, response packets from the RADIUS server will be able to arrive the

NAS.

See also other documents in the category H3C Technologies Routers: