Configuring radius related attributes, Specifying nas-port-type for an interface, Specifying a nas id profile for an interface – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 181

Advertising
background image

167

Configuring RADIUS related attributes

Specifying NAS-Port-Type for an interface

NAS-Port-Type is a standard RADIUS attribute for indicating a user access port type. With this attribute

specified on an interface, when a portal user logs on from the interface, the device uses the specified
NAS-Port-Type value as that in the RADIUS request to be sent to the RADIUS server. If NAS-Port-Type is not

specified, the device uses the access port type obtained.
If there are multiple network devices between the Broadband Access Server (BAS, the portal

authentication access device) and a portal client, the BAS may not be able to obtain the correct access
port information of a user. For example, for a wireless client using portal authentication, the access port

type obtained by the BAS may be the type of the wired port that authenticates the user. To make sure that

the BAS delivers the right access port information to the RADIUS server, you must specify the

NAS-Port-Type according to the practical access environment.
To specify the NAS-Port-Type value for an interface:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view.

interface interface-type
interface-number

N/A

3.

Specify the NAS-Port-Type
value for the interface.

portal nas-port-type { ethernet |
wireless }

Not configured by default

Specifying a NAS ID profile for an interface

In some networks, users' access points are identified by their access VLANs. Network carriers need to
use NAS-identifiers to identify user access points. With a NAS ID profile specified on an interface, when

a user logs in from the interface, the access device checks the specified profile to obtain the NAS ID that

is bound with the access VLAN. The value of this NAS ID is used as that of the NAS-identifier attribute in

the RADIUS packets to be sent to the RADIUS server.
A NAS ID profile defines the binding relationship between VLANs and NAS IDs. A NAS ID-VLAN
binding is defined by the nas-id id-value bind vlan vlan-id command, which is described in detail in AAA

configuration commands in Security Command Reference.
If no NAS-ID profile is specified for an interface or no matching binding is found in the specified profile,

the device uses the device name as the interface NAS ID.
To configure a NAS ID profile for an interface:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create a NAS ID profile and
enter NAS ID profile view.

aaa nas-id profile profile-name

For more information about the
command, see Security Command

Reference.

3.

Bind a NAS ID with a VLAN. nas-id nas-identifier bind vlan

vlan-id

For more information about the
command, see Security Command

Reference.

Advertising
This manual is related to the following products:

H3C WX5500E Series Access Controllers, H3C WX3500E Series Access Controllers, H3C WX2500E Series Access Controllers, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C LSWM1WCM10 Access Controller Module, H3C LSUM3WCMD0 Access Controller Module, H3C LSUM1WCME0 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C WA3600 Series Access Points, H3C WA2600 Series WLAN Access Points, H3C S10500 Series Switches, H3C S5800 Series Switches, H3C S5820X Series Switches, H3C S12500 Series Switches, H3C S9500E Series Switches, H3C MSR 5600, H3C MSR 50, H3C MSR 3600, H3C MSR 30, H3C MSR 2600, H3C MSR 20-2X[40], H3C MSR 20-1X, H3C MSR 930, H3C MSR 900, H3C SR8800, H3C SR6600-X, H3C SR6600, H3C SecPath F5020, H3C SecPath F5040, H3C VMSG VFW1000

Popular Brands
Popular manuals