H3C Technologies H3C WX3000 Series Unified Switches User Manual

25-17

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable the sending of trap
message when a RADIUS server is
down

radius trap
{ authentication-server-down |
accounting-server-down

}

Optional
By default, the device does not
send trap message when a
RADIUS server is down.

z

This configuration takes effect on all RADIUS schemes.

z

The device considers a RADIUS server as being down if it has tried the configured maximum times
to send a message to the RADIUS server but does not receive any response.

Enabling the User Re-Authentication at Restart Function

The user re-authentication at restart function applies only to the environment where the RADIUS
authentication/authorization and accounting server is CAMS.

In an environment that a CAMS server is used to implement AAA functions, if the device reboots after an
exclusive user (a user whose concurrent online number is set to 1 on the CAMS) gets authenticated and
authorized and begins being charged, the device will give a prompt that the user has already been
online when the user re-logs into the switching engine before the CAMS performs online user detection,
and the user cannot get authenticated. In this case, the user can access the network again only when
the CAMS administrator manually removes the user's online information.

The user re-authentication at restart function is designed to resolve this problem. After this function is
enabled, every time the device restarts:

1) The device generates an Accounting-On message, which mainly contains the following information:

NAS-ID, NAS-IP-address (source IP address), and session ID.

2) The device sends the Accounting-On message to the CAMS at regular intervals.

3) Once the CAMS receives the Accounting-On message, it sends a response to the device. At the

same time it finds and deletes the original online information of the users who were accessing the
network through the device before the restart according to the information (NAS-ID,
NAS-IP-address and session ID) contained in the message, and ends the accounting for the users
depending on the last accounting update message.

4) Once the device receives the response from the CAMS, it stops sending Accounting-On

messages.