This command allows
you to specify the IP address and shared secret of the RADIUS accounting
client from which RADIUS accounting requests are received. The RADIUS
client can be either the access gateway or the RADIUS accounting
server depending on which device is sending accounting requests.
Privilege:
Security Administrator,
Administrator
Syntax
radius accounting { client { ipv4/ipv6_address | ipv4/ipv6_address/mask } [ encrypted ] key key [ acct-onoff [ aaa-context aaa_context_name ] [ aaa-group aaa_server_group_name ] [ clear-sessions ] + ] [ dictionary dictionary ] [ disconnect-message [ dest-port destination_port_number ] + | interim create-new-call }
no radius accounting { client { ipv4/ipv6_address | ipv4/ipv6_address/mask } | interim
create-new-call }
default radius accounting
interim create-new-call
no
If previously configured,
removes the specified configuration.
ipv4/ipv6_address | ipv4/ipv6_address/mask
Specifies the IP address,
and optionally subnet mask of the RADIUS client from which RADIUS
accounting requests are received.
ipv4/ipv6_address/ipv4/ipv6_address/mask must
be in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation.
A maximum of 16 IP
addresses can be configured.
[ encrypted ] key key
- encrypted:
Specifies that the shared key between the RADIUS client and this
service is encrypted.
- key key: Specifies
the shared key between the RADIUS client and this service.In
StarOS 12.1 and earlier releases, key must
be an alphanumeric string of 1 through 127 characters and is case sensitive.
acct-onoff [ aaa-context aaa_context_name ] [ aaa-group aaa_server_group_name ] [ clear-sessions ] +
IMPORTANT:
This option is applicable
only to the IPSG Proxy Mode.
Specifies to proxy
accounting On/Off messages to AAA server.
- aaa-context aaa_context_name:
Specifies the context to find AAA server groups. If not specified,
by default, the AAA context will be the source context.aaa_context_name must
be the name of a AAA context, and must be an alphanumeric string
of 1 through 79 characters.
- aaa-group aaa_server_group_name:
Specifies the AAA server group. If not specified, by default, the
AAA server group will be default.aaa_server_group_name must
be the name of AAA server group, and must be an alphanumeric string
of 1 through 63 characters.
- clear-sessions:
Specifies to clear IPSG sessions on receiving accounting On/Off messages.
- +:
Indicates that more than one of the preceding options may be specified
in a single command.
dictionary dictionary
Specifies the dictionary
to use.
IMPORTANT:
In this release, eWAG supports
only the starent-vsa1 dictionary.
dictionary can
be one of the following.
Dictionary |
Description |
3gpp2
|
This dictionary consists
not only of all of the attributes in the standard dictionary, but
also all of the attributes specified in IS-835-A.
|
3gpp2-835
|
This dictionary consists
not only of all of the attributes in the standard dictionary, but
also all of the attributes specified in IS-835.
|
customX
|
These are customized
dictionaries. For information on custom dictionaries, please contact
your Cisco account representative.
X is the
integer value of the custom dictionary.
|
standard
|
This dictionary consists
only of the attributes specified in RFC 2865, RFC 2866, and RFC
2869.
|
starent
|
This dictionary consists
of all of the attributes in the starent-vsa1 dictionary and incorporates
additional Starent Networks VSAs
by using a two-byte VSA Type field. This dictionary is the master-set
of all of the attributes in all of the dictionaries supported by
the system.
|
starent-835
|
This dictionary consists
of all of the attributes in the starent-vsa1-835 dictionary and
incorporates additional Starent
Networks VSAs by using a two-byte VSA Type field. This dictionary
is the master-set of all of the attributes in all of the -835 dictionaries
supported by the system.
|
starent-vsa1
|
This dictionary consists
not only of the 3GPP2 dictionary, but also includes Starent Networks vendor-specific
attributes (VSAs) as well. The VSAs in this dictionary support a
one-byte wide VSA Type field in order to support certain RADIUS
applications. The one-byte limit allows support for only 256 VSAs
(0–255). This is the default dictionary.
IMPORTANT:
In StarOS 12.0 and
later releases, no new attributes can be added to the starent-vsa1 dictionary.
If there are new attributes to be added, you can only add them to
the starent dictionary.
For more information, please contact your Cisco account representative.
|
starent-vsa1-835
|
This dictionary consists
not only of the 3GPP2-835 dictionary, but also includes Starent Networks vendor-specific
attributes (VSAs) as well. The VSAs in this dictionary support a
one-byte wide VSA Type field in order to support certain RADIUS
applications. The one-byte limit allows support for only 256 VSAs
(0–255). This is the default dictionary.
|
IMPORTANT:
For information on
the specific dictionary to use for your deployment contact your
Cisco account representative.
disconnect-message [ dest-port destination_port_number ]
Specifies to send
RADIUS disconnect message to the configured RADIUS accounting client in
call failure scenarios.
dest-port destination_port_number:
Specifies the port number to which the disconnect message must be
sent.
destination_port_number must
be an integer from 1 through 65535.
interim create-new-call
IMPORTANT:
This option does not
apply to the IPSG Proxy Mode.
Specifies to create
a new session upon receipt of a RADIUS interim message.
Default: Disabled
Usage:
Use this command to
configure the communication parameters for the RADIUS client from
which RADIUS accounting requests are received.
Example:
The following command
configures the service to communicate with a RADIUS client with an
IP address of
10.2.3.4 and
an encrypted shared secret of
key1234:
radius accounting client
10.2.3.4 encrypted key key1234