HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 54
Tearing down user connections
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 54 highlights
• If you specify the radius-scheme radius-scheme-name local or hwtacacs-scheme hwtacacs-scheme-name local option when you configure an accounting method, local accounting is the backup method and is used only when the remote server is not available. • If you specify only the local or none keyword in an accounting method configuration command, the switch has no backup accounting method and performs only local accounting or does not perform any accounting. • Accounting is not supported for FTP services. To configure AAA accounting methods for an ISP domain: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter ISP domain view. domain isp-name N/A 3. Enable the accounting optional feature. accounting optional Optional. Disabled by default. With the accounting optional feature, a switch allows users to use network resources when no accounting server is available or communication with all accounting servers fails. accounting default { hwtacacs-scheme Optional. 4. Specify the default accounting hwtacacs-scheme-name [ local ] | local method for all types of users. | none | radius-scheme The default accounting method radius-scheme-name [ local ] } is local for all types of users. 5. Specify the command accounting method. accounting command hwtacacs-scheme hwtacacs-scheme-name Optional. The default accounting method is used by default. 6. Specify the accounting method for LAN users. accounting lan-access { local | none | radius-scheme radius-scheme-name [ local | none ] } Optional. The default accounting method is used by default. 7. Specify the accounting method for login users. accounting login { hwtacacs-scheme hwtacacs-scheme-name [ local ] | local | none | radius-scheme radius-scheme-name [ local ] } Optional. The default accounting method is used by default. Tearing down user connections Step 1. Enter system view. 2. Tear down AAA user connections . Command system-view cut connection { access-type { dot1x | mac-authentication } | all | domain isp-name | interface interface-type interface-number | ip ip-address | mac mac-address | ucibindex ucib-index | user-name user-name | vlan vlan-id } [ slot slot-number ] Remarks N/A The command applies only to LAN user connections. 44