Send Accounting Records to the RADIUS Server
Accounting records in remote access VPN help the VPN administrator track the services that users access and the amount of network resources that they consume. Accounting information includes when user session start and stop, username, the number of bytes that pass through the device for each session, the service used, and the duration of each session.
You can use accounting alone or together with authentication and authorization. When you activate AAA accounting, the network access server reports the user activity to the configured accounting server. You can configure a RADIUS server as the accounting server so that the management center sends all the user activity information to the RADIUS server.Note | You can use the same RADIUS server or separate RADIUS servers for authentication, authorization, and accounting in remote access VPN AAA settings. |
Before you begin
-
Configure a RADIUS group object with RADIUS servers to receive authentication requests or accounting records. For more information, see RADIUS Server Group Options.
-
Ensure that the RADIUS server is reachable from the threat defense device. Configure routing on your Secure Firewall Management Center at Devices > Device Management > Edit Device > Routing to ensure connectivity to the RADIUS server.
Procedure
Step 1 | On your Secure Firewall Management Center web interface, choose Devices > Remote Access. |
Step 2 | Click Edit on the remote access policy for which you want to configure RADIUS server, or create new remote access VPN policy. |
Step 3 | Click Edit on the connection profile that includes AAA settings and choose AAA. |
Step 4 | Select the RADIUS server from the Accounting Server drop-down. |
Step 5 | Save your changes. |