Users Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series

1151

Security

The commands in this chapter are available on Dell Networking OS.

For configuration details, see the Security section in the Dell Networking OS Configuration Guide.

NOTE: Dell Networking OS implements LEAP with MSCHAP v2 supplicant.

Topics:

• AAA Accounting Commands

• Authorization and Privilege Commands

• Obscure Password Commands

• Authentication and Password Commands

• RADIUS Commands

• TACACS+ Commands

• Port Authentication (802.1X) Commands

• SSH and SCP Commands

• Secure DHCP Commands

• Role-Based Access Control Commands

AAA Accounting Commands

AAA Accounting enables tracking of services that users are accessing and the amount of network resources being consumed by those

services. When you enable AAA Accounting, the network server reports user activity to the TACACS+ security server in the form of

accounting records. Each accounting record is comprised of accounting AV pairs and is stored on the access control server.

As with authentication and authorization, you must configure AAA Accounting by defining a named list of accounting methods, and then

applying that list to various interfaces.

aaa accounting

Enable AAA Accounting and create a record for monitoring the accounting function.

Syntax

aaa accounting {system | exec | commands level | role role-name} {name |

default}{start-stop | wait-start | stop-only} {tacacs+}

To disable AAA Accounting, use the no aaa accounting {system | exec | command level}

{name | default}{start-stop | wait-start | stop-only} {tacacs+} command.

Parameters

system Enter the keyword system to send accounting information of any other AAA

configuration.

exec Enter the keyword exec to send accounting information when a user has logged in to

EXEC mode.

commands {

level

role

role-name

Enter the keyword command then a privilege level for accounting of commands executed

at that privilege level or enter the keyword role then the role name for accounting of

commands executed by a user with that user role.

name

| default Enter one of the following:

• For name, enter a user-defined name of a list of accounting methods.

• For default, the default accounting methods used.

start-stop Enter the keywords start-stop to send a “start accounting” notice at the beginning of

the requested event and a “stop accounting” notice at the end of the event.

Security 1157