- Download
Software
- Research a
Problem - Case Management
- Communities and Forums
- Contract & Product Management
- Technical Documentation Advanced Search
- Documentation Feedback Form
- Documentation Symbols Key
- End-of-Life Products
- Guidelines and Policies
- Security Resources
Juniper was the first North American IP routing vendor to achieve the prestigious TL 9000 certification by the Quality of Excellence for Suppliers of Telecommunications (QuEST) Forum in the router category, for design, development, provision and service and support.
What is J-Care?
It's the world-class service and support that you expect from a company that delivers the industry's best infrastructure and security products. With J-Care, you now have the confidence knowing that Juniper will do our part to keep you on top of the world!
Configuring 802.1X RADIUS Accounting (CLI Procedure)
RADIUS accounting permits statistical data about users logging onto or off a LAN to be collected and sent to a RADIUS accounting server. The statistical data gathered can be used for general network monitoring, to analyze and track usage patterns, or to bill a user based upon the amount of time or type of services accessed.
To configure basic RADIUS accounting using the CLI:
- Specify the accounting servers to which the switch
will forward accounting statistics:
[edit access]
user@switch# set profile profile1 radius accounting-server [122.69.1.250 122.69.1.252] - Define the RADIUS accounting servers:
[edit access]
user@switch# set radius-server 122.69.1.250 secret juniper
user@switch# set radius-server 122.69.1.252 secret juniper1 - Enable accounting for an access profile:
[edit access]
user@switch# set profile profile1 accounting - Configure the RADIUS servers to use while sending
accounting messages and updates:
[edit access]
user@switch# set profile profile1 accounting order radius none - Configure the statistics to be collected on the
switch and forwarded to the accounting server:
[edit access]
user@switch# set profile profile1 accounting order stop-on-access-deny
user@switch# set profile profile1 accounting order stop-on-failure - Display accounting statistics collected on the
switch:
user@switch> show network-access aaa statistics accountingAccounting module statistics Requests received: 1 Accounting Response failures: 0 Accounting Response Success: 1 Requests timedout: 0
- Open an accounting log on the RADIUS accounting
server using the server's address, and view accounting statistics:
[root@freeradius]# cd /usr/local/var/log/radius/radacct/122.69.1.250
[root@freeradius 122.69.1.250]# lsdetail-20071214
[root@freeradius 122.69.1.250]# vi details-20071214
Thu Feb 7 01:01:00 2008 User-Name = "md5user01" NAS-Port = 4325376 Acct-Status-Type = Start Acct-Session-Id = "8O2.1x80101b" NAS-Identifier = "sys-java97" NAS-Port-Type = Virtual NAS-IP-Address = 10.93.15.197 Client-IP-Address = 10.93.15.197 Acct-Unique-Session-Id = "b0a382acdc4387a5" Timestamp = 1202374860 Thu Feb 7 02:34:47 2008 User-Name = "md5user01" NAS-Port = 4325376 Acct-Status-Type = Stop Acct-Session-Id = "8O2.1x8011b" Acct-Input-Octets = 0 Acct-Output-Octets = 72 Acct-Session-Time = 1202349593 Acct-Input-Packets = 0 Acct-Output-Packets = 1 Acct-Terminate-Cause = Lost-Carrier Acct-Input-Gigawords = 0 Acct-Output-Gigawords = 0 NAS-Identifier = "sys-java97" NAS-Port-Type = Virtual NAS-IP-Address = 10.93.15.197 Client-IP-Address = 10.93.15.197 Acct-Unique-Session-Id = "eb4e171ae562daf5" Timestamp = 1202380487