No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring the Calling-station-ID Attribute Format

(Optional) Configuring the Calling-station-ID Attribute Format

The Calling-station-ID attribute format is configured to enable the NE40E to interconnect with a non-Huawei device.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run radius-server group group-name

    The RADIUS server group view is displayed.

  3. Run radius-server calling-station-id include [ delimiter delimiter ] { domain [ delimiter delimiter ] | mac [ delimiter delimiter ] | interface [ delimiter delimiter ] | sysname [ delimiter delimiter | { option82 | access-line-id} [ delimiter delimiter ] ] }*

    Configuring a method of constructing the No. 31 RADIUS public attribute, namely, Calling-Station-Id.

  4. Run radius-server calling-station-id include refer-option61

    The Calling-Station-Id attribute format is determined based on Option 61.

    After the radius-server calling-station-id include refer-option61 command is run, note the following issues:
    • If user packets carry Option 61, the Calling-Station-Id attribute format uses user MAC addresses.
    • If user packets do not carry Option 61, the Calling-Station-Id attribute format uses user names without domain names.

  5. Run radius-server calling-station-id include vlan-binding

    The Calling-Station-Id attribute format is constructed in the format of slot(2)port(2)vpi(2)vci(4)vlan(4)mac(12).

  6. Run radius-server calling-station-id include vlan-description

    The Calling-Station-Id attribute format is constructed based on the vlan-description format.

  7. Run radius-server calling-station-id lns-default version1

    The default format for constructing the Calling-Station-Id attribute is configured on the LNS.

    After the radius-server calling-station-id lns-default version1 command is run, the LNS encapsulates the Calling-Station-Id attribute into RADIUS authentication and accounting packets in the default format, even if the packets sent from the LAC to the LNS do not carry the calling-number attribute. By default, if the LAC sends user packets without the calling-number attribute to the LNS, the RADIUS authentication and accounting packets sent to the RADIUS server do not carry the Calling-Station-Id attribute.

  8. Run radius-server calling-station-id lns-default version1 force

    The LNS is enabled to construct the Calling-Station-Id attribute based on the version1 format.

    In some special scenarios, to enable the LNS to encapsulate the Calling-Station-Id attribute into RADIUS authentication and accounting packets in the default version1 format irrespective of whether the LAC sends the calling-number attribute to the LNS, run the radius-server calling-station-id lns-default version1 force command.

  9. Run radius-server calling-station-id include llid user-type { ppp | lns }*

    The Calling-Station-Id attribute format is constructed based on the logical line ID (LLID) information in an authentication accept packet sent by the RADIUS server.

    After the radius-server calling-station-id include llid user-type { ppp | lns }* command is run, the authentication process for PPP or LNS users has the following changes, and going-online performance is affected because users are authenticated twice.
    1. Two authentication request packets are sent. The format of the user name in the first authentication request packet is NAS-IP-Address NAS-Port-Id, and the password is HUAWEI (default value). The user name and password in the second authentication request packet and accounting request packet are the actual user name and password.
    2. If the RADIUS server delivers the LLID attribute in the first authentication accept packet, the Calling-Station-Id field in the second authentication request packet and accounting request packet is encapsulated with the LLID information. If the LLID attribute fails to be obtained (for example, the RADIUS server does not deliver the No. 31 RADIUS public attribute Calling-Station-Id, a RADIUS Access-Reject packet is received, or the authentication times out), the Calling-Station-Id field in the second authentication request packet and accounting request packet is the same as that in the first authentication request packet.

    If the system fails to obtain the LLID information from the RADIUS server, the authentication and accounting packets for the second authentication will carry the No. 31 RADIUS Calling-Station-Id attribute by default. However, if this occurs after the radius-server calling-station-id disable with-llid-fail command is run, the authentication and accounting packets for the second authentication will not carry the No. 31 RADIUS Calling-Station-Id attribute. This configuration helps identify the users who have failed to obtain the LLID information.

  10. Run radius-server calling-station-id include pevlan [ { delimiter delimiter } [ cevlan ] ]

    or run radius-server calling-station-id include cevlan [ { delimiter delimiter } [ pevlan ] ]

    The Calling-Station-Id attribute format is constructed based on the outer or inner VLAN information.

    The Calling-Station-Id attribute contains user VLAN information. You can specify either or both of pevlan and cevlan. If you specify both pevlan and cevlan and specify pevlan before specifying cevlan, the RADIUS server parses pevlan before parsing cevlan. If you specify cevlan before specifying pevlan, the RADIUS server parses cevlan before parsing pevlan.

    If access users send packets that carry single VLAN tags, the single VLAN tags can only be encapsulated into pevlan.

  11. Run radius-server format-attribute calling-station-id vendor vendor-id [ include option82 ] [ version1 ]

    The Calling-Station-Id attribute format defined by a specified vendor is used.

  12. Run radius-server format-attribute include sub-slot

    An interface number in the Calling-Station-Id and NAS-port-ID attributes contains a sub-slot number.

    After the radius-server format-attribute include sub-slot command is run, the Calling-Station-Id and NAS-port-ID attributes in RedBack format use the interface number in the format of slot/sub-slot/port.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17295

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next