No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Security

AR500, AR510, and AR530 V200R007

This document describes the configurations of Security, including AAA, DAA,NAC, BRAS Access, ACL, Firewall, Deep Security Defense, Local Attack Defense;Attack Defense, Traffic Suppression, ARP Security, Port Security, DHCP Snooping, IPSG, URPF, PKI, SSL, HTTPS, Keychain, separating the management plane from the service plane, security risks.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Default Configuration

Default Configuration

This section provides the default NAC configuration. You can change the configuration as needed.

Table 3-2 describes the default configuration of 802.1x authentication.

Table 3-2  Default configuration of 802.1x authentication

Parameter

Default setting

802.1x authentication

Disabled

Interface authorization status

Auto

Access control mode on the interface

MAC address-based

User authentication mode

CHAP authentication

Table 3-3 describes the default configuration of MAC address authentication.

Table 3-3  Default configuration of MAC address authentication

Parameter

Default setting

MAC address authentication

Disabled

User name format

User names and passwords in MAC address authentication are MAC addresses without hyphens.

User authentication domain

Default

Table 3-4 describes the default configuration of Portal authentication.

Table 3-4  Default configuration of Portal authentication

Parameter

Default setting

Portal authentication

Disabled

Portal protocol versions supported by the device

v2, v1

Number of the destination port that the device uses to send packets to the Portal server

50100

Number of the port that the device uses to listen to Portal protocol packets

2000

Source subnet for Portal authentication

0.0.0.0/0

Portal authentication mode of the built-in Portal server

CHAP mode

Offline detection period

300 seconds

Translation
Download
Updated: 2019-05-25

Document ID: EDOC1000097287

Views: 13479

Downloads: 40

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next