H3C Technologies H3C SecPath F1000-E User Manual

Page 207

Advertising
background image

197

Item Description

Realtime-Accounting
Interval

Real-time accounting interval, whose value must be a multiple of 3.
To implement real-time accounting on users, it is necessary to set the real-time

accounting interval. With this parameter specified, the firewall sends the
accounting information of online users to the HWTACACS server every the

specified interval. According to the protocol, the firewall will not disconnect the

online users even if the server does not make any response properly.
If you leave this field blank, the real-time accounting interval is restored to the
default value.

IMPORTANT:

Consider the performance of the NAS and the HWTACACS server when you set

the real-time accounting interval. A shorter interval requires higher performance.

Use a longer interval when there are more than 1000 users.

Table 55

shows the

recommended ratios of the interval to the number of users.

Stop-Accounting Buffer

Enable or disable buffering stop-accounting requests without responses in the
firewall
Since stop-accounting requests affect the charge to users, a NAS must make its

best effort to send every stop-accounting request to the HWTACACS accounting
servers. For each stop-accounting request getting no response in the specified

period of time, the NAS buffers and resends the packet until it receives a

response or the number of transmission retries reaches the configured limit. In
the latter case, the NAS discards the packet.

Stop-Accounting Packet
Retransmission Times

The maximum number of stop-accounting packet transmission attempts if no
response is received for the stop-accounting packet
If stop-accounting buffer is disabled, this value is ineffective.
If you leave this field blank, the number of retransmission times is restored to the
default value.

Response Timeout Interval

Set the HWTACACS server response timeout time.
If no response is received from the server within the timeout interval, it may lead
to disconnection from the HWTACACS server.
If you leave this field blank, the response timeout period is restored to the default
value.

IMPORTANT:

As HWTACACS is based on TCP, the timeout of the server response timeout timer

and/or the TCP timeout timer will cause the NAS to be disconnected from the
HWTACACS server.

Quiet Interval

Specify the interval the primary server has to wait before being active.
If you leave this field blank, the quiet interval is restored to the default value.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals