Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3

151

152

153

154

155

156

157

158

159

160

AAA Commands

Mobility System Software Command Reference Guide

Version 7.3

9 – 162

Syntax

set accounting {dot1x | mac | web | last-resort} {ssid ssid-name | wired}

{user-glob | mac-addr-glob} {start-stop | stop-only}

method1 [method2] [method3] [method4]

Defaults

Accounting is disabled for all users by default.

Access

Enabled.

History

Usage

For network users with start-stop accounting profiles whose records are sent to a RADIUS

server, MSS sends interim updates to the RADIUS server when the user roams.

Examples

The following command issues stop-only records to the RADIUS server group sg2 for

network user Nin, who is authenticated by 802.1X:

MX# set accounting dot1x Nin stop-only sg2

dot1x Users with network access through the MX switch who are

authenticated by 802.1X.

mac Users with network access through the MX switch who are

authenticated by MAC authentication

web Users with network access through the MX switch who are

authenticated by WebAAA

ssid ssid-name SSID name to which this accounting rule applies. To apply the

rule to all SSIDs, type any.

wired Applies this accounting rule specifically to users who are

authenticated on a wired authentication port.

user-glob Single user or set of users with administrative access or

network access.

Specify a username, use the double-asterisk wildcard character

(**) to specify all usernames, or use the single-asterisk wildcard

character (*) to specify a set of usernames up to or following the

first delimiter character—either an at sign (@) or a period (.).

(For details, see “User Globs” on page 2–7.)

Note: This option does not apply if mac or last-resort is

specified. For mac, specify a mac-addr-glob.

mac-addr-glob A single user or set of users with access via a MAC address.

Specify a MAC address, or use the wildcard (*) character to

specify a set of MAC addresses. (For details, see “MAC

Address Globs” on page 2–7.)

This option applies only when mac is specified.

start-stop Sends accounting records at the start and end of a network

session.

stop-only Sends accounting records only at the end of a network session.

method1

method2

method3

method4

At least one of up to four methods that MSS uses to process

accounting records. Specify one or more of the following

methods in priority order. If the first method does not succeed,

MSS tries the second method, and so on.

A method can be one of the following:

❑ local—Stores accounting records in the local database on

the MX switch. When the local accounting storage space is

full, MSS overwrites older records with new ones.

❑ server-group-name—Stores accounting records on one or

more Remote Authentication Dial-In User Service

(RADIUS) servers. You can also enter the names of existing

RADIUS server groups as methods.

Version 1.0 Command introduced

Version 3.0 web option added