Scenario:

In this example, we will use "FreeRADIUS" as accounting server.

Procedures:

1. Configure the RADIUS server parameters and switch's IP address.

Tips: the "encryption key" is defined by user on RADIUS server, thus it must be configured correctly.

Console#configure
Console(config)#interface vlan 1
Console(config-if)#ip address 192.168.1.1/24
Console(config-if)#exit
Console(config)#radius-server 1 host 192.168.1.88 key support

2. Enable the dot1x on global mode.

Console(config)#dot1x system-auth-control

3. Enable dot1x and accounting function on the port interface, and let the client connect to this port.

Console(config)#aaa accounting dot1x default start-stop group radius
Console(config)#interface ethernet 1/2
Console(config-if)#dot1x port-control auto
Console(config-if)#accounting dot1x default

Result:

After the client gets authentication successfully, then switch starts to send the accounting packet (Figure 1) to the FreeRADIUS server.

Figure 1: Capture the accounting packet on FreeRADIUS server.

When the client's connection is disconnected, switch will send the total traffic information of this client.

Figure 2: The traffic information of accounting log in the FreeRADIUS server.

Tips: If the FreeRADIUS receive the accounting packet, it start to record the log automatically by default. You can find the log in this path "/var/log/freeradius/radacct/".