Introduction- •RADIUS accounting can be configured now in default vpn profile, default via profile and custom via profile. This feature will allow administrator to account traffic for the users connecting through VIA
Feature Notes- •RADIUS accounting start is sent when the vpn/via client connects
•RADIUS accounting stop is sent when the user is disconnected
•Acct-Session-Time in the radius stop packet indicates the session duration in seconds
Network Topology-
Configuration Steps-
1. Create a radius server
(3200) (config) #aaa authentication-server radius demo_acct host 10.15.80.252
(3200) (config) #aaa authentication-server radius demo_acct key Aruba@123
2. Add the radius server to a server group
(3200) (config) #aaa server-group demo_grp auth-server demo_acct
3. Add the radius server group to the via profile
(3200) (config) #aaa authentication via auth-profile default radius-accounting demo_grp
Answer- (3200) (config) #show aaa authentication via auth-profile default
VIA Authentication Profile "default"
------------------------------------
Parameter Value
--------- -----
Default Role default-via-role
Server Group default
RADIUS Accounting Server Group demo_grp
Max Authentication failures 0
Description N/A
Check certificate common name against AAA server Enabled
Authentication protocol pap
RFC 3576 server N/A
PAN firewalls Integration Disabled
Verification- To Verify Enable logging:
•logging level debugging security process aaa
•logging level debugging security process authmgr subcat aaa