No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Licensing Requirements and Limitations for AAA and User Management

Licensing Requirements and Limitations for AAA and User Management

Licensing Requirements

BOM

License Control Item

Description

Minimum Version Requirement

81400554

NetEngine40E Radius-proxy Function License

Controllable feature:

This license controls functions of radius-proxy.

The BRAS functions as a RADIUS proxy to listen to and forward authentication packets sent by the AC to the AAA server and authentication response packets replied by the AAA to the AC. During this process, the router saves the authorization information delivered by the AAA server to the WLAN user.

V8R10C00

Restrictions and Guidelines

Restrictions

Guidelines

Impact

User types not supported for VE interface access:
  • vCPE and virtual access users are not supported.
  • A session group template cannot be bound to a VE interface.

Do not deploy vCPE user access on VE interfaces.

Users belonging to the user types not supported cannot go online.

  • RADIUS-delivered flow queue parameters do not take effect if priority-mode flow queue profile and four-flow-queue mapping (cos0/cos1/cos2/cos3) profile are configured.
  • Home and vCPE users are not supported.
  • Both RADIUS-delivered and configured flow queue parameters take effect. If RADIUS-delivered flow queue parameters are inconsistent with those configured, RADIUS-delivered flow queue parameters do not take effect.

None

Flow queue parameters do not take effect.

When IPoE user names are generated based on the format configured using the vlanpvc-to-username command, the system name in a user name can contain a maximum of 17 bytes. Excessive bytes will be truncated. If parameters specified in the default-user-name command cannot be obtained from user sessions, the generated user names do not contain the parameters. For example, if no IP address is assigned to a DHCP user before the user goes online, the IP address cannot be used to generate the user name.

Properly configure the mode for generating user names for IPoE users and properly set the system name of a device. If a user name needs to contain the system name, control the length of the system name to be no more than 17 characters.

Communication between IPoE users and the RADIUS server is affected.

Restrictions on the function to generate login and logout logs of access users and send the logs to a log server:
  • IPv6 addresses are not recorded for IPv6 users.
  • For dual-stack users, user information of the stacks from which users go online first and go offline last is recorded only.
  • Information about Layer 2 leased line users is not recorded and user information is not recorded on the RUI backup device.
  • The user names recorded in the logs can contain a maximum of 63 bytes. Excessive bytes will be truncated.

None

Communication with the log server is affected.

The response delay policy for access users on a BAS interface is not supported on the board where inter-board trunk interfaces reside.

Do not deploy a response delay policy for access users and inter-board trunk interfaces on the same board.

The load balancing function for access users is affected.

The function to adjust bandwidths based on time ranges is not supported for Layer 2 leased line, Layer 3 leased line, Layer 2 VPN leased line, or PPPoLNS users.

None

The function to adjust bandwidths based on time ranges for Layer 2 leased line, Layer 3 leased line, Layer 2 VPN leased line, and PPPoLNS users is affected.

In scenarios where the QoS profiles for online Layer 2 and Layer 3 leased line users are changed through CoA, if different rate limiting modes are adopted (SQ to CAR or CAR to SQ), a CoA ACK message is returned and information about the new QoS profile is displayed in the display access-user command output. However, the new QoS profile fails to take effect.

None

The switch between SQ and CAR for leased line users is affected when a QoS profile is delivered through CoA.

If an inbound VPN instance is configured for CGN users, the inbound VPN instance does not take effect. The CGN users still use the original public network VPN instance.

Properly plan services.

None

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 19445

Downloads: 89

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next