Chapter 23 Authentication & Accounting
GS2200-48 User’s Guide
199
23.2.4 Vendor Specific Attribute
RFC 2865 standard specifies a method for sending vendor-specific information
between a RADIUS server and a network access device (for example, the Switch).
A company can create Vendor Specific Attributes (VSAs) to expand the
functionality of a RADIUS server.
Type The Switch supports the following types of events to be sent to the
accounting server(s):
• System - Configure the Switch to send information when the
following system events occur: system boots up, system shuts down,
system accounting is enabled, system accounting is disabled
• Exec - Configure the Switch to send information when an
administrator logs in and logs out via the console port, telnet or SSH.
• Dot1x - Configure the Switch to send information when an IEEE
802.1x client begins a session (authenticates via the Switch), ends a
session as well as interim updates of a session.
• Commands - Configure the Switch to send information when
commands of specified privilege level and higher are executed on the
Switch.
Active Select this to activate accounting for a specified event types.
Broadcast Select this to have the Switch send accounting information to all
configured accounting servers at the same time.
If you don’t select this and you have two accounting servers set up, then
the Switch sends information to the first accounting server and if it
doesn’t get a response from the accounting server then it tries the
second accounting server.
Mode The Switch supports two modes of recording login events. Select:
• start-stop - to have the Switch send information to the accounting
server when a user begins a session, during a user’s session (if it
lasts past the Update Period), and when a user ends a session.
• stop-only - to have the Switch send information to the accounting
server only when a user ends a session.
Method Select whether you want to use RADIUS or TACACS+ for accounting of
specific types of events.
TACACS+ is the only method for recording Commands type of event.
Privilege This field is only configurable for Commands type of event. Select the
threshold command privilege level for which the Switch should send
accounting information. The Switch will send accounting information
when commands at the level you specify and higher are executed on the
Switch.
Apply Click Apply to save your changes to the Switch’s run-time memory. The
Switch loses these changes if it is turned off or loses power, so use the
Save link on the top navigation panel to save your changes to the non-
volatile memory when you are done configuring.
Cancel Click Cancel to begin configuring this screen afresh.
Table 64 Advanced Application > Auth and Acct > Auth and Acct Setup (continued)
LABEL DESCRIPTION
