Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

How to configure Radius Accounting for bridge mode clients on Aruba controllers? 

Jul 17, 2014 10:16 AM

Introduction : Prior to AOS version 6.3, Radius Accounting was supported for clients connected to AP in tunnel and split-tunnel modes. With AOS version 6.3.0.0, Aruba now supports Radius accounting for clients connected to bridge mode SSIDs as well.
 
In OS version 6.3, we can now send the bridge user statistics in the Radius accounting start, stop and interim records.
As of AOS version 6.3.0.0, the AP should be in bridge mode and the operation mode should be Standard. Other operation modes like persistent, always and backup modes are not supported. Radius Accounting for bridge clients are supported only for wireless users.

 

Feature Notes : RADIUS accounting allows user activity and statistics to be reported from the controller to RADIUS servers.
 
 RADIUS accounting works as follows:
 

  1. The controller generates an Accounting Start packet when a user logs in. The code field of transmitted RADIUS packet is set to 4 (Accounting-Request). Note that sensitive information, such user passwords, are not sent to the accounting server. The RADIUS server sends an acknowledgement of the packet.
  1. The controller sends an Accounting Stop packet when a user logs off; the packet information includes various statistics such as elapsed time, input and output bytes and packets. The RADIUS server sends an acknowledgement of the packet.
  1. If interim accounting is enabled, the controller sends updates at regular intervals. Each interim record includes cumulative user statistics, including received bytes and packets counters.
 

rtaImage.png

 

 

Environment :

This article applies to all the controllers running AOS version 6.3.0.0 and higher

 

 

Configuration Steps : Through WebUI:

  1. Navigate to Configuration> Authentication> AAA Profile
  2. Click the desired AAA profile
  3. Enable “RADIUS Interim Accounting
  4. Click “Apply” at the bottom.


rtaImage.png



       v. Map this AAA profile in the desired bridge mode Virtual AP profile along with the SSID profile.


Through CLI:

     i. Enable Radius interim accounting in the AAA profile





      ii. Configure the AAA profile in the desired bridge mode Virtual AP profile along with the SSID profile.

To disable the feature, use the commandno radius-interim-accounting
 
AP sends accounting messages every 15 seconds to the controller. Controller sends the cumulative accounting statistics at configured intervals to the RADIUS server. The interval can be configured as below:


rtaImage.png
 

Statistics
0 Favorited
7 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.