Authentication, Authorization and Accounting (AAA) Commands
OL-32830-01 Command Line Interface Reference Guide
Command Mode
Global Configuration mode
User Guidelines
This command enables the recording of device management sessions (Telnet,
serial and WEB but not SNMP).
It records only users that were identified with a username (e.g. a user that was
logged in with a line password is not recorded).
If accounting is activated, the device sends a "start"/"stop" messages to a RADIUS
server when a user logs in / logs out respectively.
The device uses the configured priorities of the available RADIUS/TACACS+
servers in order to select the RADIUS/TACACS+ server.
The following table describes the supported RADIUS accounting attributes
values, and in which messages they are sent by the switch.
Name
User-Name (1)
NAS-IP-Address (4)
Class (25)
Called-Station-ID
(30)
Calling-Station-ID
(31)
Acct-Session-ID
(44)
Acct-Authentic (45)
Acct-Session-Time
(46)
Acct-Terminate-Cau
se (49)
Start
Stop
Messag
Message
e
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Yes
Description
User's identity.
The switch IP address that is
used for the session with the
RADIUS server.
Arbitrary value is included in all
accounting packets for a specific
session.
The switch IP address that is
used for the management
session.
The user IP address.
A unique accounting identifier.
Indicates how the supplicant was
authenticated.
Indicates how long the user was
logged in.
Reports why the session was
terminated.
3
102