Applying A Nas-Id Profile To An Interface - HP FlexFabric 5700 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 5700 Series:
- Configuration manual (185 pages) ,
- Configuration manual (132 pages) ,
- Configuration manual (125 pages)
Table of Contents
Advertisement
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure BAS-IP for IPv4
portal packets sent to the
portal authentication
server.
4.
Configure BAS-IPv6 for
IPv6 portal packets sent to
the portal authentication
server.
Applying a NAS-ID profile to an interface
By default, the device sends its device name in the NAS-Identifier attribute of any RADIUS requests.
A NAS-ID profile enables you to send different NAS-Identifier attribute strings in RADIUS requests from
different VLANs. The strings can be organization names, service names, or any user categorization
criteria, depending on the administrative requirements.
For example, map the NAS-ID companyA to all VLANs of company A. The device will send companyA
in the NAS-Identifier attribute for the RADIUS server to identify requests from any Company A users.
You can apply a NAS-ID profile to a portal-enabled interface. If no NAS-ID profile is specified on the
interface or no matching NAS-ID is found in the specified profile, the device uses the device name as the
interface NAS-ID.
To apply a NAS-ID profile to an interface:
Step
1.
Enter system view.
2.
Create a NAS-ID profile and
enter NAS-ID profile view.
3.
Configure a NAS ID and
VLAN binding in the profile.
4.
Return to system view.
5.
Enter interface view.
6.
Specify the NAS-ID profile on
the interface.
Command
system-view
interface interface-type
interface-number
portal bas-ip ipv4-address
portal bas-ipv6 ipv6-address
Command
system-view
aaa nas-id profile profile-name
nas-id nas-identifier bind vlan
vlan-id
quit
interface interface-type
interface-number
portal nas-id-profile profile-name
135
Remarks
N/A
N/A
By default, the BAS-IP attribute of an IPv4
portal response packet sent to the portal
authentication server is the source IPv4
address of the packet, and that of an IPv4
portal notification packet is the IPv4
address of the interface.
By default, the BAS-IPv6 attribute of an
IPv6 portal response packet sent to the
portal authentication server is the source
IPv6 address of the packet, and that of an
IPv6 portal notification packet is the IPv6
address of the interface.
Remarks
N/A
For more information about this
command, see Security
Commands Reference.
By default, no NAS ID and VLAN
binding exists.
For more information about this
command, see Security
Commands Reference.
N/A
N/A
By default, no NAS-ID profile is
specified on the interface.
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
