Tearing down user connections forcibly – H3C Technologies H3C S7500E Series Switches User Manual
Page 62
2-33
z
With the accounting optional command configured, a user that would be otherwise
disconnected can still use the network resources even when no accounting server is available or
communication with the current accounting server fails.
z
The local accounting method is not used to implement accounting, but to work together with the
access-limit command, which is configured in local user view, to limit the number of local user
connections. However, with the accounting optional command configured, the limit on the
number of local user connections is not effective.
z
The accounting method specified with the accounting default command is for all types of users
and has a priority lower than that for a specific access mode.
z
With the radius-scheme
radius-scheme-name
local or hwtacacs-scheme
hwtacacs-scheme-name local keyword and argument combination configured, local accounting
is the backup method and is used only when the remote server is not available.
z
If you specify only the local or none keyword in an accounting method configuration command,
the device has no backup accounting method and performs only local accounting or does not
perform any accounting.
z
Accounting is not supported for FTP services.
Tearing Down User Connections Forcibly
Follow these steps to tear down user connections forcibly:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Tear down AAA user connections
forcibly (on a distributed device)
cut connection { access-type { dot1x |
mac-authentication | portal } | all | domain
isp-name | interface interface-type
interface-number | ip ip-address | mac
mac-address | ucibindex ucib-index | user-name
user-name | vlan vlan-id } [ slot slot-number ]
Required
Applicable to only
LAN access, and
portal user
connections at
present.
Tear down AAA user connections
forcibly (on a distributed IRF
member device)
cut connection { access-type { dot1x |
mac-authentication | portal } | all | domain
isp-name | interface interface-type
interface-number | ip ip-address | mac
mac-address | ucibindex ucib-index | user-name
user-name | vlan vlan-id } [ chassis
chassis-number slot slot-number ]
Required
Applicable to only
LAN access, and
portal user
connections at
present.