Chapter 24 AAA
GS1920 Series User’s Guide
182
24.6 Technical Reference
This section provides technical background information on the topics discussed in this chapter.
24.6.1 Vendor Specific Attribute
RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS
server and a network access device (for example, the Switch). A company can create Vendor
Specific Attributes (VSAs) to expand the functionality of a RADIUS server.
The Switch supports VSAs that allow you to perform the following actions based on user
authentication:
Method Select whether you want to use RADIUS or TACACS+ for authorization of specific types of
events.
RADIUS is the only method for IEEE 802.1x authorization.
Accounting Use this section to configure accounting settings on the Switch.
Update Period This is the amount of time in minutes before the Switch sends an update to the accounting
server. This is only valid if you select the start-stop option for the Dot1x entry.
Type The Switch supports the following types of events to be sent to the accounting server(s):
• System - Configure the Switch to send information when the following system events
occur: system boots up, system shuts down, system accounting is enabled, system
accounting is disabled
• Dot1x - Configure the Switch to send information when an IEEE 802.1x client begins a
session (authenticates via the Switch), ends a session as well as interim updates of a
session.
Active Select this to activate accounting for a specified event types.
Broadcast Select this to have the Switch send accounting information to all configured accounting
servers at the same time.
If you don’t select this and you have two accounting servers set up, then the Switch sends
information to the first accounting server and if it doesn’t get a response from the
accounting server then it tries the second accounting server.
Mode The Switch supports two modes of recording login events. Select:
• start-stop - to have the Switch send information to the accounting server when a user
begins a session, during a user’s session (if it lasts past the Update Period), and when a
user ends a session.
• stop-only - to have the Switch send information to the accounting server only when a
user ends a session.
Method Select whether you want to use RADIUS or TACACS+ for accounting of specific types of
events.
TACACS+ is the only method for recording s type of event.
Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these
changes if it is turned off or loses power, so use the Save link on the top navigation panel
to save your changes to the non-volatile memory when you are done configuring.
Cancel Click Cancel to begin configuring this screen afresh.
Table 76 Advanced Application > AAA > AAA Setup (continued)
LABEL DESCRIPTION
