No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - Security

AR500, AR510, and AR530 V200R007

This document describes the configurations of Security, including AAA, DAA,NAC, BRAS Access, ACL, Firewall, Deep Security Defense, Local Attack Defense;Attack Defense, Traffic Suppression, ARP Security, Port Security, DHCP Snooping, IPSG, URPF, PKI, SSL, HTTPS, Keychain, separating the management plane from the service plane, security risks.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Default Configuration

Default Configuration

This section provides the default NAC configuration. You can change the configuration as needed.

Table 3-2 describes the default configuration of 802.1x authentication.

Table 3-2  Default configuration of 802.1x authentication


Default setting

802.1x authentication


Interface authorization status


Access control mode on the interface

MAC address-based

User authentication mode

CHAP authentication

Table 3-3 describes the default configuration of MAC address authentication.

Table 3-3  Default configuration of MAC address authentication


Default setting

MAC address authentication


User name format

User names and passwords in MAC address authentication are MAC addresses without hyphens.

User authentication domain


Table 3-4 describes the default configuration of Portal authentication.

Table 3-4  Default configuration of Portal authentication


Default setting

Portal authentication


Portal protocol versions supported by the device

v2, v1

Number of the destination port that the device uses to send packets to the Portal server


Number of the port that the device uses to listen to Portal protocol packets


Source subnet for Portal authentication

Portal authentication mode of the built-in Portal server

CHAP mode

Offline detection period

300 seconds

Updated: 2019-05-25

Document ID: EDOC1000097287

Views: 13479

Downloads: 40

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next