Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 364

Advertising
background image

352

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

7

7. Set the following Network Access Identifier routing values:

8. Select the RADIUS Accounting tab.

FIGURE 6

AAA Policy - RADIUS Accounting scree

Request Attempts

Specify the number of attempts a client can retransmit a missed frame to the RADIUS server before
it times out of the authentication session. The available range is between 1 and 10 attempts. The
default is 3 attempts.

Request Timeout

Specify the time between 1 and 60 seconds for the re-transmission of request packets. If this time
is exceeded, the authentication session is terminated.

Request Timeout Factor

Specify the amount of time between 50 and 200 seconds between retry timeouts for the
re-transmission of request packets. The default is 100.

DSCP

Specify the DSCP value as a 6-bit parameter in the header of every IP packet used for packet
classification. The valid range is between 0 and 63 with a default value of 46.

NAI Routing Enable

Check to enable NAI routing. AAA servers identify clients using the NAI. The NAI is a character string
in the format of an e-mail address as either user or user@ but it need not be a valid e-mail address
or a fully qualified domain name. The NAI can be used either in a specific or generic form. The
specific form, which must contain the user portion and may contain the @ portion, identifies a
single user. The generic form allows all users in a given or without a to be configured on a single
command line. Each user still needs a unique security association, but these associations can be
stored on a AAA server. The original purpose of the NAI was to support roaming between dialup
ISPs. Using NAI, each ISP need not have all the accounts for all of its roaming partners in a single
RADIUS database. RADIUS servers can proxy requests to remote servers for each.

Realm

Enter the realm name in the field. The name cannot exceed 50 characters. When the RADIUS
server receives a request for a user name the server references a table of usernames. If the user
name is known, the server proxies the request to the RADIUS server.

Realm Type

Specify whether the Prefix or Suffix of the username is matched to the realm.

Strip Realm

Check strip to remove information from the packet when NAI routing is enabled.

Advertising
Popular Brands
Popular manuals