Configuring Authentication Parameters

NetEngine AR V300R019 CLI-based Configuration Guide - Interface Management

About This Document
Basic Configuration for Interfaces
- Overview of Interfaces
  - Interface Types
  - Interface Numbering Rules
- Licensing Requirements and Limitations for Basic Interfaces
- Configuring Basic Interface Parameters
- Clearing Interface Traffic Statistics
- FAQ About Basic Interfaces
  - How Do I View and Clear Traffic Statistics on an Interface?
  - How Do I Identify the Virtual Port of the Device?
Ethernet Interface Configuration
- Overview of Ethernet Interfaces
- Licensing Requirements and Limitations for Ethernet Interfaces
- Default Settings for Ethernet Interfaces
- Configuring a Port Group
- Configuring General Attributes of Ethernet Interfaces
- Configuring Layer 2 Ethernet Interfaces
- Configuring Layer 3 Ethernet Interfaces
- Maintaining Ethernet Interfaces
  - Configuring Loopback Detection
  - Clearing Interface Statistics
- Configuration Examples for Ethernet Interfaces
  - Example for Configuring the Auto-Negotiation Rate Range
  - Example for Configuring Interface Isolation
- Troubleshooting Ethernet Interfaces
  - Local and Remote Interfaces Have Different Duplex Modes, Rates, and Negotiation modes
- FAQ About Ethernet Interfaces
Serial Interface Configuration
- Overview of Serial Interfaces
- Licensing Requirements and Limitations for Serial Interfaces
- Application Scenarios for Serial Interfaces
  - Networking Diagram of Synchronous Serial Interfaces
- Default Settings for Serial Interfaces
- Configuring a Synchronous Serial Interface
- Configuring an Asynchronous Serial Interface
- Configuration Examples for Serial Interfaces
  - Example for Configuring Network Interworking by Using Synchronous Serial Interfaces
- FAQ About Serial Interfaces
  - When an SA Card Connects to an E1 Card, the Protocol Status Cannot Become Up. How Do I Solve the Problem?
Async Interface Configuration
- Overview of Async Interfaces
- Licensing Requirements and Limitations for Async Interfaces
- Default Settings for Async Interfaces
- Configuring an Async Interface
CE1/PRI Interface Configuration
- Overview of CE1/PRI Interfaces
- Licensing Requirements and Limitations for CE1/PRI Interfaces
- Application Scenarios for CE1/PRI Interfaces
- Default Settings for CE1/PRI Interfaces
- Configuring CE1/PRI Interface
- Maintaining a CE1/PRI Interface
  - Configuring Loopback Detection
  - Clearing Traffic Statistics on a CE1/PRI Interface
- Troubleshooting CE1/PRI Interfaces
  - CE1/PRI Interface Fails to Communicate with a Serial Interface (V.35DTE/DCE)
  - CE1/PRI Interface Fails to Communicate with an E1-F Interface
CT1/PRI Interface Configuration
- Overview of CT1/PRI Interfaces
- Licensing Requirements and Limitations for CT1/PRI Interfaces
- Application Scenarios for CT1/PRI Interfaces
- Default Settings for CT1/PRI Interfaces
- Configuring a CT1/PRI Interface
  - Configuring a CT1/PRI Interface (CT1 Mode)
  - Configuring a CT1/PRI Interface (PRI Mode)
- Maintaining a CT1/PRI Interface
  - Configuring Loopback Detection
  - Clearing Traffic Statistics on a CT1/PRI Interface
CE3 Interface Configuration
- Overview of CE3 Interfaces
- Licensing Requirements and Limitations for CE3 Interfaces
- Application Scenarios for CE3 Interfaces
- Default Settings for CE3 Interfaces
- Configuring a CE3 Interface to Work in E3 Mode
- Maintaining a CE3 Interface
  - Configuring Loopback Detection
  - Clearing Statistics on a CE3 Interface
E1-F Interface Configuration
- Overview of E1-F Interfaces
- Licensing Requirements and Limitations for E1-F Interfaces
- Application Scenarios for E1-F Interfaces
- Default Settings for E1-F Interfaces
- Configuring an E1-F Interface
  - Configuring an E1-F Interface (Unframed Mode)
  - Configuring an E1-F Interface (Framed Mode)
- Maintaining an E1-F Interface
  - Configuring Loopback Detection
  - Clearing Traffic Statistics on an E1-F Interface
- FAQ About Basic Interfaces
T1-F Interface Configuration
- Overview of T1-F Interfaces
- Licensing Requirements and Limitations for T1-F Interfaces
- Application Scenarios for T1-F Interfaces
- Default Settings for T1-F Interfaces
- Configuring a T1-F Interface
- Maintaining a T1-F Interface
  - Configuring Loopback Detection
  - Clearing Traffic Statistics on a T1-F Interface
E&M Interface Configuration
- Overview of E&M Interfaces
- Understanding E&M Interfaces
- Licensing Requirements and Limitations for E&M Interfaces
- Application Scenarios for E&M Interfaces
- Default Settings for E&M Interfaces
- Configuring Line Attributes for an E&M Interface
- Configuration Examples for E&M Interfaces
  - Example for Configuring E&M Interfaces in the Air Traffic Control Scenario
3G Cellular Interface Configuration
- Overview of 3G Cellular Interfaces
- Licensing Requirements and Limitations for 3G Cellular Interfaces
- Application Scenarios for 3G Cellular Interfaces
- Configuring a 3G Cellular Interface in Compliance with the WCDMA Standard
- Maintaining 3G Cellular Interfaces
- Configuration Examples for 3G Cellular Interfaces
- Troubleshooting 3G Cellular Interfaces
  - Users on a 3G Cellular Interface Fail to Be Authenticated Because the Authentication Configuration Is Incorrect
  - Dial-up Fails After a 3G Cellular Interface Is Configured with a Fixed IP Address in 3G+IPSec Scenario
- FAQ About 3G Cellular Interfaces
LTE Cellular Interface Configuration
- Overview of LTE Cellular Interfaces
- Understanding LTE Cellular Interfaces
- Licensing Requirements and Limitations for LTE Cellular Interfaces
- Application Scenarios for LTE Cellular Interfaces
- Summary of LTE Cellular Interface Configuration Tasks
- Default Settings for LTE Cellular Interfaces
- Setting Connection Parameters of LTE Cellular Interfaces
- Configuring C-DCC for Dial-up Connection
- Configuring PIN Management
- (Optional) Configuring the Function of Receiving and Sending SMS Messages
- (Optional) Configuring the SMS Alarm Function
- Maintaining LTE Cellular Interfaces
- Configuration Examples for LTE Cellular Interfaces
5G Cellular Interface Configuration
- Overview of 5G Cellular Interfaces
- Understanding 5G Cellular Interfaces
- Application Scenarios for 5G Cellular Interfaces
- Licensing Requirements and Limitations for 5G Cellular Interfaces
- Default Settings for 5G Cellular Interfaces
- Setting Connection Parameters for a 5G Cellular Interface
- Configuring Automatic 5G Link Recovery
  - Restarting the 5G Modem to Recover a 5G Link
  - Configuring 5G Link Recovery Based on NQA Test Results
- Configuring SIM Card Security Management
- Configuring the Function of Recording NR Signal Strength Logs
- Maintaining 5G Cellular Interfaces
  - Clearing Statistics on 5G Cellular Interfaces
  - Upgrade a 5G Modem
ISDN BRI Interface Configuration
- Overview of ISDN BRI Interfaces
- Licensing Requirements and Limitations for ISDN BRI Interfaces
- Application Scenarios for ISDN BRI Interfaces
  - Connecting a Router to an ISDN Network Through ISDN BRI Interfaces
- Default Settings for ISDN BRI Interfaces
- Configuring an ISDN BRI Interface
- Maintaining an ISDN BRI Interface
  - Configuring Loopback Detection
  - Clearing Traffic Statistics on an ISDN BRI Interface
POS Interface Configuration
- Overview of POS Interfaces
- Licensing Requirements and Limitations for POS Interfaces
- Default Settings for POS Interfaces
- Configuring a POS Interface
- Maintaining POS Interfaces
  - Configuring Loopback Detection
  - Clearing Interface Statistics
- Configuration Examples for POS Interfaces
  - Example for Setting Physical Parameters of a POS Interface
- Troubleshooting POS Interfaces
  - Different POS Interface Parameter Settings on Both Ends
CPOS Interface Configuration
- Overview of CPOS Interfaces
- Understanding CPOS Interfaces
- Licensing Requirements and Limitations for CPOS Interfaces
- Application Scenarios for CPOS Interfaces
  - Using CPOS Interfaces to Converge E1/T1 Lines
  - Using Optical Fibers or Wavelength Division Multiplexing (WDM) to Connect CPOS Interfaces
- Default Settings for CPOS Interfaces
- Configuring CPOS Interfaces to Connect Devices
- Configuring CPOS Interfaces to Converge E1 Lines
- Configuring CPOS Interfaces to Converge T1 Lines
- Maintaining CPOS Interface Configuration
  - Performing Loopback on a CPOS Interface
  - Clearing CPOS Interface Statistics
- Configuration Examples for CPOS Interfaces
- Troubleshooting CPOS Interfaces
  - The Physical Status of an E1 Channel Is Up and the Link Protocol Status Is Down, and a Line Loopback Is Detected
  - Two Routers Are Connected Through CPOS Interfaces, but the Link Layer Status of the Logical Channel Keeps Alternating Between Up and Down
ADSL Interface Configuration
- Overview of ADSL Interfaces
- Licensing Requirements and Limitations for ADSL Interfaces
- Understanding ADSL Interfaces
- Default Settings for ADSL Interfaces
- Configuring an ADSL Interface
- Configuration Examples for ADSL Interfaces
  - Example for Configuring an ADSL Interface
VDSL Interface Configuration
- Overview of VDSL Interfaces
- Licensing Requirements and Limitations for VDSL Interfaces
- Understanding VDSL Interfaces
- Default Settings for VDSL Interfaces
- Configuring a VDSL Interface in ATM Mode
- Configuring a VDSL Interface in PTM Mode
- Configuration Examples for VDSL Interfaces
  - Example for Connecting a VDSL Interface Working in ATM Mode to the Internet
G.SHDSL Interface Configuration
- Overview of G.SHDSL Interfaces
- Licensing Requirements and Limitations for G.SHDSL Interfaces
- Default Settings for G.SHDSL Interface
- Setting Uplink Parameters for a G.SHDSL Interface
- Configuration Examples for G.SHDSL Interfaces
  - Example for Configuring G.SHDSL Interfaces
- FAQ About G.SHDSL Interfaces
  - How Do I Solve the G.SHDSL Card Failure Problem?
IMA Configuration
- Overview of IMA
- Licensing Requirements and Limitations for IMA
- Default Settings for IMA
- Configuring IMA
  - Configuring an E1-IMA Interface
  - Configuring an IMA Group
- Configuration Examples for IMA
  - Example for Configuring an IMA Group
PON Interface Configuration
- Overview of PON Interfaces
- Understanding PON Interfaces
  - Upstream and Downstream Transmission
  - EPON and GPON
- Licensing Requirements and Limitations for PON Interfaces
- Default Settings for PON Interfaces
- Configuring Attributes of an EPON Interface
- Configuring Attributes of a GPON Interface
- Maintaining PON Interfaces
  - Clearing Traffic Statistics on a PON Interface
Logical Interface Configuration
- Overview of Logical Interfaces
- Default Settings for Logical Interfaces
- Licensing Requirements and Limitations for Logical Interfaces
- Configuring a Logical Interface
- Configuration Examples for Logical Interfaces
  - Example for Configuring FR Sub-Interfaces
  - Example for Configuring the Loopback Interface's IP Address to Be Borrowed

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Configuring Authentication Parameters

Context

An OLT authenticates validity and identity of each ONU to prevent access from unauthorized ONUs. An EPON system supports the following ONU authentication modes:

Table 21-2 Comparison of ONU authentication modes in an EPON system

Authentication Mode	Description	Advantage	Disadvantage	Usage Scenario
Physical identifier authentication	The OLT authenticates an ONU by checking the MAC address of the ONU.	It is simple to configure and reliable. After an ONU passes the authentication, the MAC address used for authentication cannot be changed.	When an ONU fails and needs to be replaced by a new one, the MAC address of the new ONU must be configured on the OLT, so this mode is not flexible.	Networks requiring high security
Logical identifier (LOID) authentication	The OLT authenticates an ONU by checking the LOID and check code of the ONU. You can configure the OLT to check only the LOID, or check both the LOID and check code.	You do not need to configure new logical identifiers when users change their physical locations. The OLT can be configured to check only the LOID or check both the LOID and check code, implementing flexible access.	When two ONUs use the same logical identifier, the OLT allows the one that passes the authentication earlier to go online. Therefore, if an unauthorized ONU has gone online by using the logical identifier of an authorized ONU, the authorized ONU cannot go online.	Networks requiring flexible access
Password authentication	This is a Huawei proprietary authentication mode. When this mode is used, the OLT must be a Huawei device.	It is simple to configure and you do not need to configure new passwords when users change their physical locations.	The OLT must be a Huawei device and support password authentication.	Networks requiring flexible access

Authentication Mode

Description

Advantage

Disadvantage

Usage Scenario

Physical identifier authentication

The OLT authenticates an ONU by checking the MAC address of the ONU.

It is simple to configure and reliable. After an ONU passes the authentication, the MAC address used for authentication cannot be changed.

When an ONU fails and needs to be replaced by a new one, the MAC address of the new ONU must be configured on the OLT, so this mode is not flexible.

Networks requiring high security

Logical identifier (LOID) authentication

The OLT authenticates an ONU by checking the LOID and check code of the ONU. You can configure the OLT to check only the LOID, or check both the LOID and check code.

You do not need to configure new logical identifiers when users change their physical locations. The OLT can be configured to check only the LOID or check both the LOID and check code, implementing flexible access.

When two ONUs use the same logical identifier, the OLT allows the one that passes the authentication earlier to go online. Therefore, if an unauthorized ONU has gone online by using the logical identifier of an authorized ONU, the authorized ONU cannot go online.

Networks requiring flexible access

Password authentication

This is a Huawei proprietary authentication mode. When this mode is used, the OLT must be a Huawei device.

It is simple to configure and you do not need to configure new passwords when users change their physical locations.

The OLT must be a Huawei device and support password authentication.

Networks requiring flexible access

An EPON system supports physical identifier authentication, LOID authentication, and password authentication. The three authentication modes can be used separately or jointly. All the authentication parameters are pre-configured on the OLT and cannot be modified on the ONU. If the authentication parameters are not pre-configured, the ONU cannot be successfully authenticated. Therefore, you can configure authentication parameters on the ONU according to the authentication mode.

Procedure

Configure physical identifier authentication (MAC address authentication).
1. Run system-view
  The system view is displayed.
2. Run interface pon interface-number
  The PON interface view is displayed.
3. Run epon-mac-address mac-address
  The MAC address used for authentication is specified.
The MAC address cannot be changed after the ONU is authenticated.
Configure logical identifier authentication.
1. Run system-view
  The system view is displayed.
2. Run interface pon interface-number
  The PON interface view is displayed.
3. Run epon-loid loid
  The LOID used for logical identifier authentication is configured.
4. Run epon-checkcode checkcode
  The check code used for logical identifier authentication is configured.
You can configure the OLT to check only the LOID, or check both the LOID and check code. When step 3 and step 4 are configured, the router will check both the LOID and check code.
Configure password authentication.
1. Run system-view
  The system view is displayed.
2. Run interface pon interface-number
  The PON interface view is displayed.
3. Run epon-password cipher password
  The password used for password authentication is configured.
Password authentication is a Huawei proprietary authentication mode. When this mode is used, the OLT must be a Huawei device.

Translation

简体中文

Download

Updated: 2023-05-18

Document ID: EDOC1100112349

Downloads: 950

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode

Enterprise

Huawei Cloud

Carrier

Consumer

Corporate

Context

Procedure

Related Version

Related Documents

Digital Signature File