R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101
165
To do… Use the command…
Remarks
Enter system view system-view —
Tear down AAA user connections
cut connection { access-type portal | all | domain
isp-name | interface interface-type
interface-number | ip ip-address | mac
mac-address | ucibindex ucib-index | user-name
user-name | vlan vlan-id }
Required
Applicable to only
portal and PPP user
connections.
Configuring a NAS ID-VLAN binding
The access locations of users can be identified by their access VLANs. In application scenarios where it
is required to identify the access locations of users, configure NAS ID-VLAN bindings on the device. Then,
when a user gets online, the device obtains the NAS ID by the access VLAN of the user and sends the
NAS ID to the RADIUS server through the NAS-identifier attribute.
Follow these steps to configure a NAS ID-VLAN binding:
To do… Use the command…
Remarks
Enter system view system-view —
Create a NAS ID profile and enter
NAS ID profile view
aaa nas-id profile profile-name
Required
You can apply a NAS ID profile to
an interface enabled with portal.
See the chapter “Portal
configuration” in Access Control
Configuration Guide.
Configure a NAS ID-VLAN binding
nas-id nas-identifier bind vlan
vlan-id
Required
By default, no NAS ID-VLAN
binding exists.
Displaying and maintaining AAA
To do… Use the command…
Remarks
Display the configuration
information of ISP domains
display domain [ isp-name ] Available in any view
Display information about user
connections
display connection [ access-type portal |
domain isp-name | interface interface-type
interface-number | ip ip-address | mac
mac-address | ucibindex ucib-index |
user-name user-name | vlan vlan-id ]
Available in any view