Filter
Top Products
620 CHAPTER 33: HWTACACS CONFIGURATION
The setting of real-time accounting interval somewhat depends on the performance
of the NAS and the TACACS server: a shorter interval requires higher device
performance. You are therefore recommended to adopt a longer interval when there
are a large number of users (more than 1000, inclusive). Table 683 lists the numbers
of users and the recommended intervals.
The real-time accounting interval defaults to 12 minutes.
Displaying and
Debugging
HWTACACS Protocol
After the above configuration, execute display command in any view to display the
running of the AAA and RADIUS/HWTACACS configuration, and to verify the effect
of the configuration. Execute reset command in user view to reset AAA and
RADIUS/HWTACACS statistics, etc . Execute debugging command in user view to
debug AAA and RADIUS/HWTACACS.
Table 683 Numbers of users and the recommended intervals
Number of users Real-time accounting interval (minutes)
1–99 3
100–499 6
500–999 12
ƒ1000 ƒ15
Table 684 Displaying and debugging AAA and RADIUS/HWTACACS protocol
Operation Command
Display the configuration information of the
specified or all the ISP domains.
display domain [ isp-name ]
Display related information of user's
connection
display connection [ access-type dot1x |
domain domain-name | interface interface-type
interface-number | ip ip-address | mac
mac-address | radius-scheme
radius-scheme-name | vlan vlanid | ucibindex
ucib-index | user-name user-name ]
Display related information of the local user display local-user [ domain isp-name | idle-cut
{ disable | enable } | service-type { telnet | ftp |
lan-access | ssh | terminal } | state { active |
block } | user-name user-name | vlan vlan-id ]
Display the statistics of local RADIUS
authentication server
display local-server statistics
Display the configuration information of
RADIUS schemes
display radius [ radius-scheme-name ]
Display the statistics of RADIUS packets display radius statistics
Display the stopping accounting requests
saved in buffer without response
display stop-accounting-buffer {
radius-scheme radius-scheme-name | session-id
session-id | time-range start-time stop-time |
user-name user-name }
Display the specified or all the HWTACACS
schemes
display hwtacacs [ hwtacacs-scheme-name]
Display information on the stop-accounting
packets in the buffer
display stop-accounting-buffer
hwtacacs-scheme hwtacacs-scheme-name
Delete the stopping accounting requests saved
in buffer without response
reset stop-accounting-buffer { radius-scheme
radius-scheme-name | session-id session-id |
time-range start-time stop-time | user-name
user-name }
Reset the statistics of RADIUS server reset radius statistics
Clear stop-accounting packets from the buffer reset stop-accounting-buffer
hwtacacs-scheme hwtacacs-scheme-name