H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 39

Step Command

Remarks

Specify RADIUS accounting

servers.

•

Specify the primary RADIUS
accounting server:

primary accounting { ip-address |

ipv6 ipv6-address } [ port-number |
key [ cipher | simple ] key | probe

username name [ interval interval ] ]

•

Specify a secondary RADIUS

accounting server:

secondary accounting { ip-address |
ipv6 ipv6-address } [ port-number |

key [ cipher | simple ] key | probe

username name [ interval interval ] ]
*

Configure at least one
command.
No accounting server is
specified by default.

Set the maximum number of

real-time accounting attempts. retry realtime-accounting retry-times

Optional.
5 by default.

Enable buffering of
stop-accounting requests to

which no responses are

received.

stop-accounting-buffer enable

Optional.
Enabled by default.

Set the maximum number of
stop-accounting attempts.

retry stop-accounting retry-times

Optional.
500 by default.

NOTE:
•

The IP addresses of the primary and secondary accounting servers must be different from each other.
Otherwise, the configuration fails.

•

All servers for authentication/authorization and accountings, primary or secondary, must use IP
addresses of the same IP version.

•

If you delete an accounting server that is serving users, the device can no longer send real-time
accounting requests and stop-accounting requests for the users to that server, or buffer the

stop-accounting requests.

•

You can specify a RADIUS accounting server as the primary accounting server for one scheme and as
the secondary accounting server for another scheme at the same time.

•

RADIUS does not support accounting for FTP users.

Specifying the shared keys for authenticating RADIUS packets

The RADIUS client and RADIUS server use the MD5 algorithm to encrypt packets exchanged between

them and use shared keys to authenticate the packets. They must use the same shared key for the same

type of packets.
A shared key configured in this task is for all servers of the same type (accounting or authentication) in

the scheme, and has a lower priority than a shared key configured individually for a RADIUS server.
To specify shared keys for authenticating RADIUS packets:

Step Command

Remarks

Enter system view.

system-view

N/A

This manual is related to the following products:

H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points H3C S10500 Series Switches H3C S5800 Series Switches H3C S5820X Series Switches H3C S12500 Series Switches H3C S9500E Series Switches H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C SR8800 H3C SR6600-X H3C SR6600 H3C SecPath F5020 H3C SecPath F5040 H3C VMSG VFW1000