beautypg.com

Aaa configuration considerations and task list – H3C Technologies H3C SecBlade LB Cards User Manual

Page 60

background image

49

No. Sub-attribute

Description

25 Result_Code

Result of the Trigger-Request or SetPolicy operation, zero for success and
any other value for failure.

26

Connect_ID

Index of the user connection.

28 Ftp_Directory

FTP user working directory. When the RADIUS client acts as the FTP server,
this attribute is used to set the FTP directory for an FTP user on the RADIUS

client.

29

Exec_Privilege

EXEC user priority.

59 NAS_Startup_Timestamp

Startup time of the NAS in seconds, which is represented by the time
elapsed after 00:00:00 on Jan. 1, 1970 (UTC).

60 Ip_Host_Addr

User IP address and MAC address carried in authentication and
accounting requests, in the format A.B.C.D hh:hh:hh:hh:hh:hh. A space is

required between the IP address and the MAC address.

61

User_Notify

Information that must be sent from the server to the client transparently.

62 User_HeartBeat

Hash value assigned after an 802.1X user passes authentication, which is
a 32-byte string. This attribute is stored in the user list on the NAS and is

used for verifying the handshake messages from the 802.1X user. This

attribute only exists in Access-Accept and Accounting-Request packets.

140 User_Group

User groups assigned after the SSL VPN user passes authentication. A user
may belong to more than one user group. In this case, the user groups are
delimited by semi-colons. This attribute is used for cooperation with the SSL

VPN device.

141 Security_Level

Security level assigned after the SSL VPN user passes security
authentication.

201 Input-Interval-Octets

Number of bytes input within a real-time accounting interval.

202 Output-Interval-Octets

Number of bytes output within a real-time accounting interval.

203 Input-Interval-Packets

Number of packets input within an accounting interval, in the unit set on
the NAS.

204 Output-Interval-Packets

Number of packets output within an accounting interval, in the unit set on
the NAS.

205 Input-Interval-Gigawords

Amount of bytes input within an accounting interval, in units of 4G bytes.

206 Output-Interval-Gigawords Amount

of bytes output within an accounting interval, in units of 4G bytes.

207 Backup-NAS-IP

Backup

source IP address for sending RADIUS packets.

255 Product_ID

Product

name.

AAA configuration considerations and task list

To configure AAA on the NAS:

1.

Configure the required AAA schemes.

{

Local authentication—Configure local users and the related attributes, including the usernames
and passwords for the users to be authenticated.

{

Remote authentication—Configure the required RADIUS and HWTACACS schemes. You must
configure user attributes on the servers accordingly.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: