Usage guidelines
If a portal user fails AAA in MAC-trigger authentication, the user cannot trigger authentication before
the MAC-trigger entry of the user ages out. After the MAC-trigger entry ages out, the user triggers
MAC-trigger authentication when it accesses the network.
After this feature is enabled, the device sets the MAC-trigger entry state for a user to unbound
immediately after the user fails AAA in MAC-trigger authentication. Before the user's MAC-trigger
entry ages out, the user can trigger normal portal authentication.
Examples
# Enable AAA failure unbinding for MAC binding server mts.
<Sysname> system-view
[Sysname] portal mac-trigger-server mts
[Sysname-portal-mac-trigger-server-mts] aaa-fail nobinding enable
Related commands
display portal mac-trigger-server
aging-time
Use aging-time to set the aging time for MAC-trigger entries.
Use undo aging-time to restore the default.
Syntax
aging-time seconds
undo aging-time
Default
The aging time for MAC-trigger entries is 300 seconds.
Views
MAC binding server view
Predefined user roles
network-admin
Parameters
seconds: Specifies the aging time for MAC-trigger entries. The value range is 60 to 7200 seconds.
Usage guidelines
With MAC-based quick portal authentication enabled, the device generates a MAC-trigger entry for a
user when the device detects traffic from the user for the first time. The MAC-trigger entry records the
following information:
•
MAC address of the user
•
Interface index
•
VLAN ID
•
Traffic statistics
•
Aging timer
When the aging time expires, the device deletes the MAC-trigger entry. The device re-creates a
MAC-trigger entry for the user when it detects the user's traffic again.
Examples
# Specify the aging time as 300 seconds for MAC-trigger entries.
231