H3C S7500 Series Ethernet Switches Operation Manual
Operation Manual – AAA & RADIUS & HWTACACS & EAD
H3C S7500 Series Ethernet Switches
Chapter 1 AAA & RADIUS & HWTACACS
Configuration
1-5
start-accounting request (Accounting-Request, with the Status-Type filed set to
start) to the RADIUS server.
5) The RADIUS server returns a start-accounting response (Accounting-Response).
6) The user starts to access the network resources.
7) The RADIUS client sends a stop-accounting request (Accounting-Request, with
the Status-Type field set to stop) to the RADIUS server.
8) The RADIUS server returns a stop-accounting response (Accounting-Response).
9) The resource access for the user is ended.
III. RADIUS packet structure
RADIUS uses UDP to transmit messages. It ensures the correct message exchange
between RADIUS server and client through the following mechanisms: timer
management, retransmission, and backup server.
Figure 1-3 depicts the structure of a
RADIUS packet.
Code
Identifier
Authenticator
Attribute
Length
e
Figure 1-3 RADIUS packet structur
1) The Code field (one byte) decides the type of the RADIUS packet, as shown in
Table 1-1.
Table 1-1 Description on major values of the Code field
Code Packet type Packet description
1 Access-Request
Direction: client->server.
The client transmits this packet to the server to
determine if the user can be connected.
This packet carries user information. It must
contain the User-Name attribute and may
contain the following attributes:
NAS-IP-Address, User-Password, and
NAS-Port.
2 Access-Accept
Direction: server->client.
The server transmits this packet to the client if all
the attribute values carried in the
Access-Request packet are accepted (that is,
the user passes the authentication).