R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101
94
user-name user-name: Specifies the user connections that use the username. The user-name argument is
a case-sensitive string of 1 to 80 characters. For a username entered without a domain name, the system
assumes that the user is in the default domain name or the mandatory authentication domain.
vlan vlan-id: Specifies the user connections of a VLAN. The vlan-id argument ranges from 1 to 4094.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Getting Started Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use display connection to display information about AAA user connections.
This command does not display information about FTP user connections.
With no parameter specified, this command displays brief information about all AAA user connections.
If you specify the ucibindex ucib-index option, this command displays detailed information. Otherwise,
this command displays brief information.
If an interface is configured with a mandatory authentication domain, the firewall uses the mandatory
authentication domain to perform authentication, authorization, and accounting for users who access the
interface through the specified access type. To display connections of such users, use the display
connection domain isp-name command and specify the mandatory authentication domain.
How the firewall displays the usernames of users on an interface configured with a mandatory
authentication domain depends on the format of the usernames entered by users at login:
• If the username does not contain the at sign (@), the firewall displays the username in the format
username@mandatory authentication domain name.
• If the username contains the at sign (@), the firewall displays only the entered username. For
example, if a user entered the username aaa@123 at login and the name of the mandatory
authentication domain is dom, the firewall displays the username aaa@123, rather than
aaa@123@dom.
Related commands: cut connection.
Examples
# Display information about all AAA user connections.
<Sysname> display connection
Index=1 ,Username=telnet@system
IP=10.0.0.1
IPv6=N/A
Total 1 connection(s) matched.
# Display information about AAA user connections using the index of 0.
<Sysname> display connection ucibindex 0
Index=0 , Username=telnet@system
IP=10.0.0.1
IPv6=N/A
Access=Admin ,AuthMethod=PAP