H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – AAA – RADIUS – HWTACACS

H3C S3100-52P Ethernet Switch

Chapter 1 AAA & RADIUS & HWTACACS

Configuration

1-5

Code

Identifier

Authenticator

Attributes

Length

Code

Identifier

Authenticator

Attributes

Length

t

Figure 1-3

RADIUS message forma

1) The Code field (one byte) decides the type of RADIUS message, as shown in

Table 1-1.

Table 1-1

Description on the major values of the Code field

Code

Message type

Message description

1 Access-Request

Direction: client->server.
The client transmits this message to the server to

determine if the user can access the network.
This message carries user information. It must contain

the User-Name attribute and may contain the following

attributes: NAS-IP-Address, User-Password and

NAS-Port.

2 Access-Accept

Direction: server->client.
The server transmits this message to the client if all the

attribute values carried in the Access-Request

message are acceptable (that is, the user passes the

authentication).

3 Access-Reject

Direction: server->client.
The server transmits this message to the client if any

attribute value carried in the Access-Request message

is unacceptable (that is, the user fails the

authentication).

4

Accounting-Req

uest

Direction: client->server.
The client transmits this message to the server to

request the server to start or end the accounting

(whether to start or to end the accounting is determined

by the Acct-Status-Type attribute in the message).
This message carries almost the same attributes as

those carried in the Access-Request message.

5

Accounting-Res

ponse

Direction: server->client.
The server transmits this message to the client to notify

the client that it has received the Accounting-Request

message and has correctly recorded the accounting

information.