You can report user session information to an external RADIUS accounting server. If you select this mode only, the system assumes that you have set up another type of authentication method to authenticate and authorize your users to access their resources.

1. After RADIUS accounting runs successfully in an access policy, Access Policy Manager sends an accounting start request message to the external RADIUS server. The start message typically contains the user's ID, networks address, point of attachment, and a unique session identifier.
2. When the session is destroyed, Access Policy Manager issues an accounting stop message to the external RADIUS server, providing information on the final usage in terms of time, packets transferred, data transferred, and reason for disconnect, as well as other information related to the user's access.

This accounting data is used primarily for billing, statistical, and general network monitoring purposes.

For RADIUS authentication, Access Policy Manager (APM) converts an attribute value to hex if it contains unprintable characters, or if it is the class attribute. APM converts the class attribute to hex even if it contains only printable values (by attribute type). No other attributes are encoded to hex if they do not contain unprintable characters.

1. On the Main tab, click Access Policy > AAA Servers > RADIUS. The RADIUS Servers screen displays.
2. Click Create. The New Server properties screen opens.
3. In the Name field, type a unique name for the authentication server.
4. From the Mode list, select Accounting.
5. For the Server Connection setting, select one of these options:
   • Select Use Pool to set up high availability for the AAA server.
   • Select Direct to set up the AAA server for standalone functionality.
6. If you selected Use Pool, type a name in the Server Pool Name field. You create a pool of servers on this screen.
7. Provide the addresses required for your server connection:
   • If you selected Direct, type an IP address in the Server Address field.
   • If you selected Use Pool, for each pool member you want to add, type an IP address and click Add.
     Note: When you configure a pool, you have the option to type the server address in route domain format: IPAddress%RouteDomain.
8. If you selected Use Pool, you have the option to select a Server Pool Monitor to track the health of the server pool.
9. In the Accounting Service Port field, type the service port for your accounting server if the default value is not appropriate. The default is 1813.
10. In the Secret field, type the shared secret password of the server.
11. In the Confirm Secret field, re-type the shared secret password of the server.
12. In the Timeout field, type a timeout interval (in seconds) for the AAA server. This setting is optional. If you use the Timeout setting, you can also use the Retries setting. If these settings are enabled, the Access Policy Manager attempts to reach the AAA server within the specified time frame, in seconds. If the server does not respond, the Access Policy Manager retries the authentication attempt, depending on how many retries you specify.
13. In the Retries field, type the number of times the BIG-IP system should try to make a connection to the server after the first attempt fails. This setting is optional.
14. Click Finished. The new server displays on the list.

1. On the Main tab, click Access Policy > Access Profiles. The Access Profiles List screen opens.
2. In the Access Policy column, click the Edit link for the access profile you want to configure. The visual policy editor opens the access policy in a separate screen.
3. Click the (+) icon anywhere in the access policy to add a new action item.
   Note: Only an applicable subset of access policy items is available for selection in the visual policy editor for any access profile type.
   A popup screen opens, listing predefined actions on tabs such as General Purpose, Authentication, and so on.
4. From the Authentication tab, select RADIUS Acct and click Add Item. The popup screen closes. A properties popup screen opens.
5. From the AAA Server list, select a RADIUS accounting server and click Save. The properties popup screen closes and the visual policy editor displays.
6. Click Apply Access Policy to save your configuration.

You might run into problems with RADIUS authentication and accounting in some instances. Follow these tips to try to resolve any issues you might encounter.