R3102-R3103-HP 6600/HSR6600 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-G Router

151

152

153

154

155

156

157

158

159

160

137

To set the maximum number of online portal users allowed in the system:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Set the maximum number of

online portal users.

portal max-user max-number

By default, the maximum number of

online portal users is the maximum

number of online portal users

supported by the system.

Specifying an authentication domain for portal users

After you specify an authentication domain for portal users on an interface, the device uses the

authentication domain for authentication, authorization, and accounting (AAA) of all portal users on the

interface, ignoring the domain names carried in the usernames. This allows you to specify different

authentication domains for different interfaces as needed.

To specify the authentication domain for portal users on an interface:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter interface view.

interface interface-type

interface-number

N/A

3. Specify an authentication

domain for portal users on the

interface.

portal domain domain-name

By default, no authentication

domain is specified for portal

users.

The device selects the authentication domain for a portal user on an interface in this order: the

authentication domain specified for the interface, the authentication domain carried in the username,

and the system default authentication domain. For information about the default authentication domain,

see "Configuring AAA."

Configuring RADIUS related attributes

Specifying the NAS ID value carried in a RADIUS request

If the device uses a RADIUS server for authentication, authorization, and accounting of portal users,

when a portal user logs on from an interface, the device sends a RADIUS request that carries the

NAS-Identifier attribute to the RADIUS server. The RADIUS server uses the NAS-Identifier attribute in the

RADIUS request to identify the device.

You can specify the NAS-identifier attribute value to be carried in a RADIUS request in system view or

interface view. The device prefers the value specified in interface view. If no NAS ID is configured for the

interface, the device uses the NAS ID configured in system view.

To specify the NAS ID value carried in a RADIUS request:

Ste

Command

Remarks

1. Enter system view.

system-view N/A