No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

User authentication using information from Option 82 field on NE

Publication Date:  2019-07-11  |   Views:  317  |   Downloads:  0  |   Author:  a84090745  |   Document ID:  EKB1001944626

Contents

Issue Description

The end user (in this case ONT) sends a DHCP Discovery packet. Then the OLT (configured as dhcp snooping) receives the packet from ONT, adds option82 (containing information about the ONT number and port number to which the ONT is connected) and then transmits it to the NE20 router by broadcast. The router receives package DHCP Discovery on the port on which the BRAS service is configured. The router is designed to perform end user autentication. Router uses an external RADIUS server for this. When sending a query to the RADIUS server, the router should include information about the option82 in the authentication packet. The RADIUS server should authenticate the end-user based on information about option82. After receiving information from the RADIUS server about the correct authorization of the end user, the router sends a request to an external DHCP server to obtain the IP address for the end user (here option 82 is no longer used). In terms of DHCP, Router is configured as DHCP relay.


For now the RADIUS server authenticate end users based on their MAC address. We want to change it so that authorization takes place using the information contained in option 82.


Solution

The solution is to configure client-option82 command on relay interface. The client-option82 command configures the NE20E to trust the access-line-id information (for a DHCP user) sent from the DHCP client.

http://support.huawei.com/hedex/hdx.do?docid=EDOC1100006715&id=client-option82_1&text=client-option82&lang=en