Scheme Lan-Access - H3C S3100 Series Command Manual

[Sysname] domain aabbcc.net
New Domain added.
[Sysname-isp-aabbcc.net] scheme radius-scheme raduis1 local

scheme lan-access

Syntax
scheme lan-access { local | none | radius-scheme radius-scheme-name [ local | none ] }
undo scheme lan-access
View
ISP domain view
Parameters
radius-scheme-name: Name of a RADIUS scheme, a string of up to 32 characters.
local: Specifies to use local authentication.
none: Specifies not to perform authentication.
Description
Use the scheme lan-access command to configure a combined AAA scheme for LAN users.
Use the undo scheme lan-access command to restore the default.
By default, the local AAA scheme is used.
Note that:
When you use the scheme lan-access command to reference a RADIUS scheme in the current
ISP domain, the referenced RADIUS scheme must already exist.
If you use the scheme lan-access radius-scheme radius-scheme-name local command, the
local scheme is used as the secondary scheme in case no RADIUS server is available. That is, if
the communication between the switch and a RADIUS server is normal, remote authentication is
performed; otherwise, local authentication is performed.
If you execute the scheme lan-access local or scheme lan-access none command to use local
or none as the primary scheme, local authentication is performed or no authentication is performed.
In this case, no secondary scheme can be specified and therefore no scheme switching will occur.
Related commands: scheme, display domain.
Examples
# Configure ISP domain aabbcc.net to use RADIUS scheme radius1 for LAN users and use local
authentication as the backup.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] domain aabbcc.net
New Domain added.
[Sysname-isp-aabbcc.net] scheme lan-access radius-scheme radius1 local
1-27