HP FlexNetwork MSR Series Command Reference Manual page 33
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Syntax
In non-FIPS mode:
authentication advpn { local [ none ] | none | radius-scheme radius-scheme-name [ local ]
[ none ] }
undo authentication advpn
In FIPS mode:
authentication advpn { local | radius-scheme radius-scheme-name [ local ] }
undo authentication advpn
Default
The default authentication method of the ISP domain is used for ADVPN users.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
local: Performs local authentication.
none: Does not perform authentication.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive
string of 1 to 32 characters.
Usage guidelines
You can specify one primary authentication method and multiple backup authentication methods.
When the primary method is invalid, the device attempts to use the backup methods in sequence.
For example, the authentication advpn radius-scheme radius-scheme-name local none
command specifies a primary RADIUS authentication method and two backup methods (local
authentication and no authentication). The device performs RADIUS authentication by default and
performs local authentication when the RADIUS server is invalid. The device does not perform
authentication when both of the previous methods are invalid.
Examples
# In ISP domain test, perform local authentication for ADVPN users.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authentication advpn local
# In ISP domain test, perform RADIUS authentication for ADVPN users based on scheme rd and
use local authentication as the backup.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authentication advpn radius-scheme rd local
Related commands
authentication default
local-user
radius scheme
15
Advertisement
