HP VPN Firewall Appliances Access Control Configuration Guide
230
Tearing down user connections
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Tear down AAA user
connections.
cut connection { access-type portal |
all | domain isp-name | interface
interface-type interface-number | ip
ip-address | mac mac-address |
ucibindex ucib-index | user-name
user-name | vlan vlan-id }
The command applies to portal
and PPP user connections.
Configuring a NAS ID-VLAN binding
The access locations of users can be identified by their access VLANs. In application scenarios where
identifying the access locations of users is a must, configure NAS ID-VLAN bindings on the device. Then,
when a user gets online, the device obtains the NAS ID by the access VLAN of the user and sends the
NAS ID to the RADIUS server through the NAS-identifier attribute.
To configure a NAS ID-VLAN binding:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a NAS ID profile and
enter NAS ID profile view.
aaa nas-id profile profile-name
You can apply a NAS ID profile to an
interface enabled with portal. For
more information, see "Configuring
portal authentication."
3. Configure a NAS ID-VLAN
binding.
nas-id nas-identifier bind vlan
vlan-id
By default, no NAS ID-VLAN binding
exists.
Displaying and maintaining AAA
Task Command
Remarks
Display the configuration of
ISP domains.
display domain [ isp-name ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display information about
user connections.
display connection [ access-type portal | domain
isp-name | interface interface-type interface-number |
ip ip-address | mac mac-address | ucibindex
ucib-index | user-name user-name | vlan vlan-id ] [ |
{ begin | exclude | include } regular-expression ]
Available in any view.