No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E-M2 V800R010C10SPC500 Feature Description - User Access 01

This is NE40E-M2 V800R010C10SPC500 Feature Description - User Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Validation Rules for Domain Names

Validation Rules for Domain Names

A domain name can be obtained in any of the following modes:

  • Assigned by a carrier

  • Locally configured on a BRAS

  • Delivered by an AAA server

The domain name delivered by an AAA server takes precedence. In other scenarios, the validation rules for domain names are as follows.

Figure 2-14 Validation rules for domain names

Users Going Online Using User Names with Domain Names

This example uses the user name user@A.

  • If the authentication default domain B has been configured on the BAS interface to which the user logs in, the following situations are available:

  • If domain A has been configured on the BRAS, the user uses the authentication and accounting schemes configured in domain A, with the user name user@A.

  • If domain A is not configured on the BRAS and roaming is disabled, authentication fails. If roaming is enabled, the user uses the authentication and accounting schemes configured in the roaming domain.

  • If the roaming domain E has been configured on the BAS interface to which the user logs in, the following situations are available:

  • If domain A has been configured on the BRAS, the user uses the authentication and accounting schemes configured in domain A, with the user name user@A.

  • If domain A is not configured on the BRAS, the user uses the authentication and accounting schemes configured in domain E, with the user name user@A.

  • If the mandatory authentication default domain F has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in domain F, irrespective of whether domain A or a roaming domain has been configured. The user name used in authentication remains user@A.

  • If the mandatory substitute authentication domain G has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in domain G, irrespective of whether domain A or a roaming domain has been configured. The user name used in authentication is changed to user@G.

Users Going Online Using User Names Without Domain Names

This example uses the user name user.

  • If no authentication default domain has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in default1, with the user name user@default1.

  • If the authentication default domain B has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in domain B, with the user name user@B.

  • If the mandatory authentication default domain H has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in domain H, with the user name user@H.

  • If the mandatory substitute authentication domain J has been configured on the BAS interface to which the user logs in, the user uses the authentication and accounting schemes configured in domain J, with the user name user@J.

If permit domains have been configured on the BAS interface to which a user logs in, the BRAS determines the authentication domain of the user and checks whether the authentication domain is permitted, irrespective of whether the user goes online using the user name containing a domain name or not.

NOTE:

The user name used in authentication is not necessarily the user name eventually sent to an AAA server. The BRAS can be configured whether the user names sent to the AAA server carry domain names or not.

Download
Updated: 2019-01-02

Document ID: EDOC1100058415

Views: 16643

Downloads: 13

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next