Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
51525354555657585960
41
ip ip-address: Specifies the IP address of the user.
location port slot-number subslot-number port-number: Specifies the port to which the user is bound. The
slot-number argument ranges from 0 to 255, the subslot-number argument ranges from 0 to 15, and the
port-number argument ranges from 0 to 255.
mac mac-address: Specifies the MAC address of the user in the format H-H-H.
vlan vlan-id: Specifies the VLAN to which the user belongs. The vlan-id argument ranges from 1 to 4094.
Usage guidelines
Binding attributes are checked upon authentication of a local user. If the binding attributes of a local user
do not match the configured ones, the user fails checking and authentication.
Binding attribute checking does not take the service types of users into account. A configured binding
attribute is effective for all types of users. Configure binding attributes for different types of local users
with caution. For example, an IP address binding applies only to 802.1X authentication that supports IP
address upload. If the authentication method such as MAC authentication does not support IP address
upload, do not configure an IP address binding for the authentication method. Otherwise, local
authentication fails.
Examples
# Configure the bound IP of local user abc as 3.3.3.3.
<Sysname> system-view
[Sysname] local-user abc
[Sysname-luser-abc] bind-attribute ip 3.3.3.3
display local-user
Use display local-user to display configuration and statistics information about local users.
Syntax
In standalone mode:
display local-user [ idle-cut { disable | enable } | service-type { dvpn | ftp | lan-access | portal | ppp
| ssh | telnet | terminal } | state { active | block } | user-name user-name | vlan vlan-id ] [ slot
slot-number ] [ | { begin | exclude | include } regular-expression ]
In IRF mode:
display local-user [ idle-cut { disable | enable } | service-type { dvpn | ftp | lan-access | portal | ppp
| ssh | telnet | terminal } | state { active | block } | user-name user-name | vlan vlan-id ] [ chassis
chassis-number slot slo
t-number ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
idle-cut { disable | enable }: Specifies local users with the idle cut function disabled or enabled.
service-type: Specifies the local users who use a specified type of service.
dvpn: DVPN tunnel users.