Filter
Top Products
187 | AuthenticationServers DellPowerConnectW-SeriesArubaOS6.2 | User Guide
3. (Optional) In the Profile Details pane, select RADIUS Interim Accounting to allow the controller to send
Interim-Update messages with current user statistics to the server at regular intervals. This option is disabled by
default, allowing the controller to send only
start
and
stop
messages RADIUS accounting server.
4. In the profile list, scroll down and select the Radius Accounting Server Group for the AAA profile. Select the
server group from the drop-down menu.
You can add additional servers to the group or configure server rules.
5. Click Apply.
Using the CLI
(host)(config) #aaa profile <profile>
radius-accounting <group>
radius-interim-accounting
TACACS+ Accounting
TACACS+ accounting allows commands issued on the controller to be reported to TACACS+ servers. You can
specify the types of commands that are reported (action, configuration, or show commands) or have all commands
reported.
You can configure TACACS+ accounting only with the CLI:
(host)(config) #aaa tacacs-accounting server-group <group> command
{action|all|configuration|show} mode {enable|disable}
Configuring Authentication Timers
Table 57 describes the timers you can configure that apply to all clients and servers. These timers can be left at their
default values for most implementations.
Timer Description
User Idle Timeout Maximum period after which a client is considered idle if there is no wireless
traffic from the client.The timeout period is reset if there is wireless traffic. If
there is no wireless traffic in the timeout period, the client is aged out. Once the
timeout period has expired, the user is removed. If the keyword seconds is not
specified, the value defaults to minutes at the command line
Range: 1 to 255 minutes (30 to 15300seconds)
Default: 5 minutes (300 seconds)
Authentication Server Dead
Time
Maximum period, in minutes, that the controller considers an unresponsive
authentication server to be “out of service”.
This timer is only applicable if there are two or more authentication servers
configured on the controller. If there is only one authentication server configured,
the server is never considered out of service and all requests are sent to the
server.
If one or more backup servers are configured and a server is unresponsive, it is
marked as out of service for the dead time; subsequent requests are sent to the
next server on the priority list for the duration of the dead time. If the server is
responsive after the dead time has elapsed, it can take over servicing requests
from a lower-priority server; if the server continues to be unresponsive, it is
marked as down for the dead time.
Range: 0–50 minutes
Default: 10 minutes
Table 57:
Authentication Timers