How do I configure Layer 3 web authentication on an ME60 to allow authentication-free network access for authentication on some user addresses.
The ME60 has been configured with Layer 3 web authentication for user access.
Layer 3 web authentication is configured based on the source IP address.
[ME60]layer3-subscriber 172.16.254.33 172.16.254.33 domain-name huawei //Create an authentication domain named huawei that provides none authentication and none accounting.
1. In case of normal Layer 3 web authentication for user access, run the layer3-subscriber command specify user access from the pre-authentication domain. After user data is forwarded to the BRAS, the user data matches the global access control policy for a user group bound to the pre-authentication domain. User access is allowed only after a dialog box indicating successful authentication is displayed.
2. In case of authentication-free user access, run the layer3-subscriber command to specify user access from a non-pre-authentication domain. This pre-authentication domain also needs to be bound to the none authentication and none accounting template and an address pool (which does not need to be bound to a user group). After authentication-free users access the network, the device does not match the access control policy of the global pre-authentication domain for a user group. That is, user access is allowed with no need for authentication or accounting.