No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring the Format of the NAS-Port Attribute

(Optional) Configuring the Format of the NAS-Port Attribute

You can configure different formats of the NAS-Port attribute so that the NE40E can communicate with RADIUS servers from different vendors.

Context

Perform the following steps on the router:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run radius-server groupgroup-name

    The RADIUS server group view is displayed.

  3. Run radius-server format-attribute { nas-port format-sting | nas-port-id { vendor { vendor-id [ version1 ] | redback-simple | redback-addition } | version1 | version2 } | option82 }

    The format of the NAS-Port attribute and format of the NAS-Port-Id attribute are configured.

    When you configure the format of the NAS-Port-Id attribute:

    • If vendor-id is set to 2352, the NE40E uses the default format of Redback to encapsulate the NAS-Port-Id attribute.

      The encapsulation format is slot/port[vpi-vci vpi vci | vlan-id [ivlan:]evlan] [pppoe sess-id | clips sess-id].

      Format example: 2/5 vlan-id 4 pppoe 8.

      NOTE:

      If a logical interface is configured on the user access interface, encapsulate packets on the logical interface. Otherwise, encapsulate packets on the user access interface. pppoe sess-id indicates session ID of a PPPoE user. clips sess-id indicates CID of DHCP users on the device. For untagged Ethernet user VLANs, the VLAN ID is 0. For QinQ interfaces, evlan and ivlan indicate outer VLAN ID and inner VLAN ID.

    • If vendor-id is set to 2636, the NE40E uses the default format of Juniper to encapsulate the NAS-Port-Id attribute.

      The encapsulation format is {fastEthernet|gigabitEthernet} slot/port.subinterface[:vpi.vci |:ivlan]

      Format example: gigabitEthernet 2/5.4:4.

      If vendor-id is set to 2636 and version1 is specified, the NE40E uses the version 1 format of Juniper to encapsulate the NAS-Port-Id attribute.

      The encapsulation format is {FastEthernet|GigabitEthernet} slot/card/port.subinterface[:vpi.vci |:ivlan]

      Format example: GigabitEthernet 2/0/5.4:4

      NOTE:

      If the logical interface configured on the user access interface is a non-Trunk interface, encapsulate packets on the logical interface.

      If the logical interface is a Trunk interface, encapsulate packets on the user access interface. If the user access interface is also a Trunk interface, encapsulate packets on the first member interface of the Trunk interface.

    • If vendor-id is set to 9, the NE40E uses the default format of Cisco to encapsulate the NAS-Port-Id attribute.

      The encapsulation format is {ethernet|trunk|PW} slot/subslot/port.

      Format example: ethernet 2/0/5.

      NOTE:

      If a logical interface is configured on the user access interface, encapsulate packets on the logical interface. Otherwise, encapsulate packets on the user access interface. For Trunk and PW interfaces, the subslot number is 0.

    • If the redback-simple format is specified to encapsulate the NAS-Port-Id attribute,

      The encapsulation format is slot/port[vpivci vpi vci | vlanid [ivlan:]evlan] [pppoe sess-id | clips sess-id].

      Format example: 2/5 vlan-id 4 pppoe 8.

      NOTE:

      Different from the Redback format, the redback-simple format does not contain any hyphen (-) in keywords of vpivci or vlanid.

    The default NAS-Port-Id attribute format is determined by the vbas and client-option82 commands.
    • When vbas or client-option82 command is disabled (the default status) on a BAS interface, the following situations may occur:

      • If the vlanpvc-to-username is set to version20 (the default parameter),

        the format of NAS-Port-Id is: slot=xx; subslot=xx; port=xx;{VPI=xx;VCI=xx;|vlanid=xx;|vlanid=xx;vlanid2=xx;}

        Format example: slot=2;subslot=0;port=5;vlanid=4.

        The slot number, subslot number, port number, VPI number, VCI number, outer VLAN ID, and inner VLAN ID are filled with the actual values.

      • If the vlanpvc-to-username is set to version10,

        the format of NAS-Port-Id is: slot=xx;subslot=xx;port=xx;{VPI=xx;VCI=xx;|vlanid=xx;}

        Format example: slot=2;subslot=0;port=5;vlanid=4.

        The slot number, subslot number, port number, VPI number, VCI number, outer VLAN ID, and inner VLAN ID are filled with the actual values. For access users on QinQ interfaces, the inner VLAN ID is filled.

      • If the vlanpvc-to-username is set to turkey,

        the format of NAS-Port-Id is: slot number/port number vlan-id inner VLAN ID:outer VLAN ID.

        Format example: 2/5 vlan-id 4096:4.

        For untagged user VLANs, the IDs of inner and outer VLANs are both 4096. If the user VLAN only carries a tag, the inner VLAN ID is 4096.

      • If the vlanpvc-to-username is set to standard,

        the format of NAS-Port-Id is: {eth|trunk|PW} slot number/subslot number/port number:{vpi.vci| outer VLAN ID.inner VLAN ID} 0/0/0/0/0/0.

        Format example: eth 2/0/5:4096.4 0/0/0/0/0/0.

        NOTE:

        The slot number, subslot number, port number, VPI number, VCI number, outer VLAN ID, and inner VLAN ID are filled with the actual values. For Trunk interfaces, the subslot number is 0. For untagged user VLANs, the IDs of inner and outer VLANs are both 4096. If the user VLAN only carries a tag, the inner VLAN ID is 4096. In the AAA view, you can specify pevlan or cevlan in the vlanpvc-to-username standard trust { pevlan | cevlan } command. By default, both parameters are specified in the command. If only pevlan is specified, set the inner VLAN ID to 4096. If only cevlan is specified, set the outer VLAN ID to 4096.

    • The vbas or client-option82 command is configured on the BAS interface.
      • The vlanpvc-to-username is set to version20 (the default parameter) or version10 and the client-option82 basinfo-insert cn-telecom command is not run.

        • User packets carry Option 82 information.

          If VBAS is configured on the BAS interface, return Option 82 information carried by user packets.

          Format example: mse-108 eth 0/2/0/5:4.

          If the option82-relay-mode command is not configured on the BAS interface, return the first TLV value of user Option 82 information with two offset bytes.

          For example, if the user Option 82 information is abc, return c.

          If the option82-relay-mode command is configured on the BAS interface, return the required information based on the configured formats. For details, see the output information of the option82-relay-mode include command.

        • If user packets do not carry Option 82 information,

          the format of NAS-Port-Id is: hostname {eth} 0/slot number/subslot number/port number:{vpi.vci|vlan| outer VLAN.inner VLAN}.

          Format example: MSE-108 eth 0/2/0/5:0.

          NOTE:

          The host name configured using the nas logic-sysname command in the BAS interface view is preferentially used. If no host name is configured on the BAS interface, the default host name is used. For untagged user VLANs, the IDs of inner and outer VLANs are both 0. If the user VLAN carries only a tag, the inner VLAN ID is 0, indicating that the inner VLAN is not displayed.

      • If the vlanpvc-to-username to set to turkey and the client-option82 basinfo-insert cn-telecom command is not run,

        the format of NAS-Port-Id is: slot number/port number vlan-id inner VLAN ID:outer VLAN ID.

        Format example: 2/5 vlan-id 4096:4.

        For untagged user VLANs, the IDs of inner and outer VLANs are both 4096. If the user VLAN only carries a tag, the inner VLAN ID is 4096.

      • If the vlanpvc-to-username is set to standard and the client-option82 basinfo-insert cn-telecom command is run,

        the format of NAS-Port-Id is: {eth|trunk|PW} slot number/subslot number/port number:{vpi.vci|outer VLAN ID.inner VLAN ID} information carried by the client.

        The slot number, subslot number, port number, VPI number, VCI number, outer VLAN ID, and inner VLAN ID are filled with the actual values. For Trunk interfaces, the slot number is 0. For untagged user VLANs, the IDs of inner and outer VLANs are both 4096. If the user VLAN only carries a tag, the inner VLAN ID is 4096. For PW interfaces, the subslot number is 0. In the AAA view, you can specify pevlan or cevlan in the vlanpvc-to-username standard trust { pevlan | cevlan } command. By default, both parameters are specified in the command. If pevlan is specified, set the inner VLAN ID to 4096. If cevlan is specified, set the outer VLAN ID to 4096.

        • User packets carry Option 82 information.

          If the vbas command is configured on the BAS interface, parse the complete Option 82 information carried by user packets. Otherwise, parse Option 82 information with two offset bytes.

          If user Option 82 information contains no blank space, information carried by the client is filled with user Option 82 information with two offset bytes. For example, if user Option 82 information is abc, the format of NAS-Port-Id is eth 2/0/5:4096.4 c.

          If user Option 82 information contains a space and / is in front of the space, information carried by the client is filled with user Option 82 information with two offset bytes. For example, if user Option 82 information is aaa/b cd, the format of NAS-Port-Id is eth 2/0/5:4096.4 a/b cd.

          If user Option 82 information contains two spaces and no / in front of the first space, information carried by the client is filled with user Option 82 information after the second space. For example, if user Option 82 information is aaab cd e, the format of NAS-Port-Id is eth 2/0/5:4096.4 e.

          If user Option 82 information contains two spaces and no / in front of the spaces, information carried by the client is filled with 0/0/0/0/0/0. For example, if user Option 82 information is aaab cde, the format of NAS-Port-Id is eth 2/0/5:4096.4 0/0/0/0/0/0.

        • User packets do not carry Option 82 information.

          Information carried by the client is filled with 0/0/0/0/0/0, for example, eth 2/0/5:4096.4 0/0/0/0/0/0.

  4. (Optional) Run radius-server nas-port-id lns include [ string string | ip delimiter ] { local-tunnel-ip [ delimiter ] | peer-tunnel-ip [ delimiter ] | local-tunnel-id [ delimiter ] | peer-tunnel-id [ delimiter ] | local-session-id [ delimiter ] peer-session-id [ delimiter ] | call-serial-number [ delimiter ] } *

    The format of the NAS-Port-Id attribute sent by the L2TP LNS to the RADIUS server is configured.

  5. (Optional) Run radius-server nas-port-id include [ delimiter paradelimiter ] { interface-description [ delimiter int-desdelimiter ] | pe-vlan [ delimiter pevlan-delimiter ] | ce-vlan [ delimiter cevlan-delimiter ] } *

    The format of the NAS-Port-Id attribute sent by a non-LNS device to the RADIUS server is configured.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17158

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next