HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 32
the con d limit. In the latter case, the switch discards the packet.
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 32 highlights
By setting the maximum number of real-time accounting attempts for a scheme, you make the switch disconnect users for whom no accounting response is received before the number of accounting attempts reaches the limit. When the switch receives a connection teardown request from a host or a connection teardown notification from an administrator, it sends a stop-accounting request to the accounting server. You can enable buffering of non-responded stop-accounting requests to allow the switch to buffer and resend a stop-accounting request until it receives a response or the number of stop-accounting attempts reaches the configured limit. In the latter case, the switch discards the packet. Follow these guidelines when you specify RADIUS accounting servers: • The IP addresses of the primary and secondary accounting servers must be different from each other. Otherwise, the configuration fails. • All servers for authentication/authorization and accountings, primary or secondary, must use IP addresses of the same IP version. • If you delete an accounting server that is serving users, the switch can no longer send real-time accounting requests and stop-accounting requests for the users to that server, or buffer the stop-accounting requests. • You can specify a RADIUS accounting server as the primary accounting server for one scheme and as the secondary accounting server for another scheme at the same time. • RADIUS does not support accounting for FTP users. To specify RADIUS accounting servers and set relevant parameters for a scheme: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RADIUS scheme view. radius scheme radius-scheme-name N/A • Specify the primary RADIUS accounting server: primary accounting { ip-address | ipv6 ipv6-address } [ port-number | key [ cipher | simple ] key | vpn-instance Configure at least one 3. Specify RADIUS accounting vpn-instance-name ] * command. servers. • Specify a secondary RADIUS accounting No accounting server is server: specified by default. secondary accounting { ip-address | ipv6 ipv6-address } [ port-number | key [ cipher | simple ] key | vpn-instance vpn-instance-name ] * 4. Set the maximum number of real-time accounting retry realtime-accounting retry-times attempts. 5. Enable buffering of stop-accounting requests to which no responses are received. stop-accounting-buffer enable Optional. The default setting is 5. Optional. Enabled by default. 6. Set the maximum number of stop-accounting attempts. retry stop-accounting retry-times Optional. The default setting is 500. 22