No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R011C10 Configuration Guide - User Access and Authentication

This document describes the working mechanisms, configuration procedures, and configuration examples of User Access and Authentication features, such as AAA, DAA, NAC, PPPoE, Policy Association, and IP session.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Setting the Source Address of Offline Detection Packets

Setting the Source Address of Offline Detection Packets

Context

The device sends an ARP probe packet to check the user online status. If the user does not respond within a detection period, the device considers that the user is offline.

NOTE:
  • This function does not take effect for users who use Layer 3 Portal authentication.

  • In the SVF or policy association scenario, you are advised to run the access-user arp-detect default ip-address command to set the source IP address of offline detection packets to 0.0.0.0. In the SVF scenario, the command must be configured on the UC device and takes effect only for UC detection. The default source IP address of offline detection packets for AS detection is 0.0.0.0. In the policy association scenario, you can directly configure the command on the AS device.

  • In normal situations, after a device sends an ARP probe packet with a default source IP address, online clients will immediately respond with ARP reply packets. If online clients do not respond with ARP reply packets, the device logs them out unexpectedly. To resolve this problem, use either of the following methods:
    • Run the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command to specify a VLAN ID, source IP address, and source MAC address for ARP probe packets.
    • Run the authentication timer handshake-period handshake-period command to increase the handshake period so that the device can detect gratuitous ARP packets that these clients send at an irregular period. Once the device detects such packets, it does not log them out.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Set the source address of offline detection packets.

    • Run access-user arp-detect default ip-address ip-address

      The default source IP address of offline detection packets is set.

      By default, the default source IP address of offline detection packets is 0.0.0.0.

    • Run access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address

      The source IP address and source MAC address are specified for offline detection packets in a VLAN.

      By default, the source IP address and source MAC address are not specified for offline detection packets in a VLAN.

      You are advised to set the user gateway IP address and its corresponding MAC address as the source IP address and source MAC address of offline detection packets.

    NOTE:
    The following source IP addresses used in offline detection packets are listed in descending order of priority:
    1. IP address of the VLANIF interface corresponding to the VLAN that users belong to and on the same network segment as users
    2. Source IP address specified using the access-user arp-detect vlan vlan-id ip-address ip-address mac-address mac-address command for offline detection packets in a specified VLAN
    3. Default source IP address specified using the access-user arp-detect default ip-address ip-address command for offline detection packets

Translation
Download
Updated: 2019-10-21

Document ID: EDOC1000178117

Views: 130160

Downloads: 62

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next