Transparent mac authentication, Mute terminal authentication – H3C Technologies H3C Intelligent Management Center User Manual

Page 354

Advertising
background image

336

Table 25 Domain X and service suffix correlation

MAC address

format

Authentication domain

on the access device

Commands configured on the

access device

Service suffix in

UAM

MAC@Y X

user-name-format with-domain

X

user-name-format without-domain

None

MAC

[Default Domain]
(Default domain on the
access device)

user-name-format with-domain

[Default Domain]

user-name-format without-domain

None

Transparent MAC authentication

Transparent MAC authentication uses the following workflow:

1.

An IMC operator enables MAC authentication and RADIUS authentication on the access device,
and configures Domain X as the MAC authentication domain.

2.

When an endpoint user attempts to access the network, the access device forwards the MAC
address of the user to UAM.

3.

UAM checks the MAC address and performs MAC authentication for the user if the following
conditions are met:

{

The MAC address is not in the MAC address range configured for mute terminals.

{

The MAC address has been bound to a user account rather than the BYODanonymous account,
and the user account has applied for a service that uses the service suffix X.

{

Transparent authentication is enabled for the MAC address.

4.

After the authentication, UAM allows the user to access the network and controls the user's access
behaviors by using the service with the suffix Domain X.

Mute terminal authentication

Mute terminal authentication uses the following workflow:

1.

An IMC operator enables MAC authentication and RADIUS authentication on the access device,
and configures Domain X as the MAC authentication domain.

2.

When a mute terminal attempts to access the network, the access device forwards the MAC
address of the mute terminal to UAM.

3.

UAM checks the MAC address and performs a mute terminal authentication for the terminal if the
following conditions are met:

{

The MAC address is in the MAC address range configured for mute terminals.

{

The service applied for mute terminals in UAM has a service suffix X.

4.

After the authentication, UAM creates an account for the mute terminal by using the terminal's
MAC address, allows the terminal to access the network and controls the terminal's access
behaviors by using the service with the suffix X.

Table 26

shows the domain X and service suffix correlation in mute terminal authentication.

Advertising
Popular Brands
Popular manuals