Starting Radius Accounting M - Cisco M10-RM Software Manual

Chapter 13 Configuring RADIUS and TACACS+ Servers
When WDS is configured, PoD requests should be directed to the WDS. The WDS forwards the
Note
disassociation request to the parent access point and then purges the session from its own internal tables.
PoD is supported on the Cisco CNS Access Registrar (CAR) RADIUS server, but not on the Cisco
Note
Secure ACS Server, v4.0 and earlier.
Beginning in privileged EXEC mode, follow these steps to configure a PoD:
Command
Step 1 configure terminal
Step 2
aaa pod server [port port number]
[auth-type {any | all | session-key}]
[clients client 1...] [ignore {server-key
string...| session-key }] | server-key
string...]}
Step 3
end
Step 4 show running-config
Step 5 copy running-config startup-config

Starting RADIUS Accounting m

The AAA accounting feature tracks the services that users are accessing and the amount of network
resources that they are consuming. When AAA accounting is enabled, the access point reports user
activity to the RADIUS security server in the form of accounting records. Each accounting record
contains accounting attribute-value (AV) pairs and is stored on the security server. This data can then
be analyzed for network management, client billing, or auditing. See the
the Access Point" section on page 13-20
point.
Beginning in privileged EXEC mode, follow these steps to enable RADIUS accounting for each Cisco
IOS privilege level and for network services:
OL-14209-01
Purpose
Enter global configuration mode.
Enables user sessions to be disconnected by requests from a RADIUS
server when specific session attributes are presented.
port port number—(Optional) The UDP port on which the access point
listens for PoD requests. The default value is 1700.
auth-type—This parameter is not supported for 802.11 sessions.
clients (Optional)—Up to four RADIUS servers may be nominated as
clients. If this configuration is present and a PoD request originates from
a device that is not on the list, it is rejected.
ignore (Optional)—When set to server_key, the shared secret is not
validated when a PoD request is received.
session-key—Not supported for 802.11 sessions.
server-key—Configures the shared-secret text string.
string—The shared-secret text string that is shared between the network
access server and the client workstation. This shared-secret must be the
same on both systems.
Note Any data entered after this parameter is treated as the shared
secret string.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
for a complete list of attributes sent and honored by the access
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
Configuring and Enabling RADIUS
"RADIUS Attributes Sent by
13-13