About radius auditing, About the vendor-specific attributes – Nortel Networks 5500 series User Manual

Page 287


Configuring the cluster


About RADIUS auditing

An event is generated whenever a system user logs on, logs off, or issues
a command from a CLI session. The event contains information about user
name and session ID, as well as the name of executed commands. You
can configure the system to send the event to a RADIUS server for audit
trail logging, in accordance with RFC 2866 (RADIUS Accounting).

If auditing is enabled but no RADIUS server is configured, events will still
be generated to the event log and any configured syslog servers.

When you add an external RADIUS audit server to the configuration, the
server is automatically assigned an index number. You can add several
RADIUS audit servers, for backup purposes. Nortel SNAS auditing will be
performed by an available server with the lowest index number. You can
control audit server usage by reassigning index numbers (see “Managing
RADIUS audit servers” (page 289)).

For information about configuring a RADIUS accounting server to log
portal user sessions, see “Configuring RADIUS accounting” (page 110).

About the vendor-specific attributes

The RADIUS audit server uses Vendor-Id and Vendor-Type attributes
in combination to identify the source of the audit information. The
attributes are sent to the RADIUS audit server together with the event log
information.

Each vendor has a specific dictionary. The Vendor-Id specified for an
attribute identifies the dictionary the RADIUS server will use to retrieve
the attribute value. The Vendor-Type indicates the index number of the
required entry in the dictionary file.

The Internet Assigned Numbers Authority (IANA) has designated SMI
Network Management Private Enterprise Codes that can be assigned to
the Vendor-Id attribute (see
http://www.iana.org/assignments/enterprise-numbers).

RFC 2866 describes usage of the Vendor-Type attribute.

Contact your RADIUS system administrator for information about the
vendor-specific attributes used by the external RADIUS audit server.
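The Vendor-Id and Vendor-Type lookup described above, as an added example that is not part of the Nortel manual or the SNAS software: it parses a constructed RADIUS accounting packet and resolves each vendor sub-attribute against a dictionary keyed by (Vendor-Id, Vendor-Type). It assumes the Vendor-Type/Vendor-Length sub-attribute layout recommended in RFC 2865; the dictionary entries, the enterprise numbers and the sample values are constructed, not taken from the SNAS dictionary.

```python
import struct

VENDOR_SPECIFIC = 26      # RADIUS attribute type that carries vendor data
ACCOUNTING_REQUEST = 4    # RFC 2866 packet code

# Constructed dictionary: (Vendor-Id, Vendor-Type) -> name. 32473 is the IANA
# enterprise number reserved for documentation; the names are hypothetical.
DICTIONARY = {(32473, 1): "Example-Audit-User",
              (32473, 2): "Example-Audit-Command"}

def build_vsa(vendor_id, vendor_type, value):
    """Encode one Vendor-Specific attribute holding one sub-attribute."""
    sub = struct.pack("!BB", vendor_type, 2 + len(value)) + value
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(sub), vendor_id) + sub

def build_packet(attrs):
    body = b"".join(attrs)  # authenticator zeroed: parse-only sample
    return struct.pack("!BBH16s", ACCOUNTING_REQUEST, 1, 20 + len(body), bytes(16)) + body

def parse_vsas(packet):
    """Return (vendor_id, vendor_type, name, value) for each vendor sub-attribute."""
    if len(packet) < 20:
        raise ValueError("short RADIUS header")
    length = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= length <= len(packet):
        raise ValueError("bad RADIUS length field")
    found, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        atype, end = packet[pos], pos + packet[pos + 1]
        if atype == VENDOR_SPECIFIC:
            if end - pos < 6:
                raise ValueError("Vendor-Specific too short for Vendor-Id")
            vendor_id = struct.unpack("!I", packet[pos + 2:pos + 6])[0]
            sub = pos + 6
            while sub < end:
                if sub + 2 > end or packet[sub + 1] < 2 or sub + packet[sub + 1] > end:
                    raise ValueError("malformed vendor sub-attribute")
                vtype, vend = packet[sub], sub + packet[sub + 1]
                name = DICTIONARY.get((vendor_id, vtype), "unknown")
                found.append((vendor_id, vtype, name, packet[sub + 2:vend]))
                sub = vend
        pos = end
    return found

# Constructed sample packet: one standard attribute and two vendor attributes.
SAMPLE = build_packet([struct.pack("!BB", 1, 7) + b"admin",     # User-Name
                       build_vsa(32473, 2, b"example command"),
                       build_vsa(9999999, 1, b"x")])            # no dictionary loaded
```

An entry that resolves to "unknown" means the server has no dictionary for that Vendor-Id, which is the case where the attribute value cannot be interpreted in the audit log.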

To simplify the task of finding audit entries in the RADIUS server log, do
the following:

Nortel Secure Network Access Switch, Using the Command Line Interface
NN47230-100 03.01 Standard, 28 July 2008
Copyright © 2007, 2008 Nortel Networks.
