Authorization Ipoe - H3C MSR Series Command Reference Manual

Examples
# In ISP domain test, perform local authorization for IKE extended authentication.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization ike local
Related commands
authorization default
local-user

authorization ipoe

Use authorization ipoe to specify authorization methods for IPoE users.
Use undo authorization ipoe to restore the default.
Syntax
In non-FIPS mode:
authorization ipoe { local [ none ] | none | radius-scheme radius-scheme-name [ local ] [ none ] }
undo authorization ipoe
In FIPS mode:
authorization ipoe { local | radius-scheme radius-scheme-name [ local ] }
undo authorization ipoe
Default
The default authorization methods of the ISP domain are used for IPoE users.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
local: Performs local authorization.
none: Does not perform authorization.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive
string of 1 to 32 characters.
Usage guidelines
The RADIUS authorization configuration takes effect only when authentication and authorization
methods of the ISP domain use the same RADIUS scheme.
You can specify one primary authorization method and multiple backup authorization methods.
When the primary method is invalid, the device attempts to use the backup methods in sequence.
For example, the authorization ipoe radius-scheme radius-scheme-name local none command
specifies a primary RADIUS authorization method and two backup methods (local authorization and
no authorization). The device performs RADIUS authorization by default and performs local
authorization when the RADIUS server is invalid. The device does not perform authorization when
both of the previous methods are invalid.
32