How do I configure Layer 3 web
authentication on an ME60 to allow authentication-free network access for
authentication on some user addresses.
The ME60 has been configured with Layer 3 web authentication for user access.
Layer 3 web authentication is configured based on the source IP address.
[ME60]layer3-subscriber 172.16.254.33 172.16.254.33 domain-name huawei //Create
an authentication domain named huawei that provides none authentication and none
1. In case of normal Layer 3 web authentication for user access, run the layer3-subscriber command specify user
access from the pre-authentication domain. After user data is forwarded to the
BRAS, the user data matches the global access control policy for a user group
bound to the pre-authentication domain. User access is allowed only after a
dialog box indicating successful authentication is displayed.
2. In case of authentication-free user access, run the layer3-subscriber command to specify user access from a
non-pre-authentication domain. This pre-authentication domain also needs to be
bound to the none authentication and none accounting template and an address
pool (which does not need to be bound to a user group). After
authentication-free users access the network, the device does not match the
access control policy of the global pre-authentication domain for a user group.
That is, user access is allowed with no need for authentication or accounting.