1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. S3610 Series
  6. Operation manual

Cutting Down User Connections Forcibly - H3C S3610 Series Operation Manual

Aaa & radius & hwtacacs
Hide thumbs Also See for S3610 Series:
Table of Contents

Advertisement

Operation Manual – AAA & RADIUS & HWTACACS
H3C S3610&S5510 Series Ethernet Switches
Caution:
After the local-user password-display-mode cipher-force command is executed,
all passwords will be displayed in cipher mode even through you specify to display
user passwords in plain text by using the password command.
In local authentication, the service-type of local users is checked. If no service type
is available for the user, the user cannot pass the authentication normally. If no
available service type is configured for the user during authorization, the user will
not be authorized to use any service by default.
If the configured authentication method (local, RADIUS, or HWTACACS
authentication) requires a user name and a password, the command level that a
user can access after login is determined by the priority level of the user; in any
other authentication mode, this command level is determined by the user interface.
For SSH users, when they use RSA shared keys for authentication, the commands
they can access are determined by the levels set on their user interfaces.
User priority can be set with either the service-type command or the level
command and the latest configured level applies.
The attribute ip command only applies to authentication supporting IP address
upload, such as 802.1x authentication. If you use this command for authentication
not supporting IP address upload, the local authentication, such as MAC address
authentication, will fail.
The attribute port command uses port number, but not port type, to bind a port to a
local user.
The idle-cut function configured with the idle-cut command in user interface view
applies to lan-access users only.

1.3.8 Cutting Down User Connections Forcibly

Table 1-11 Cut down user connection forcibly
Operation
Enter system view
Cut
connections forcibly
system-view
cut connection { all | access-type
{ dot1x | mac-authentication } |
domain domain-name | interface
down
user
interface-type interface-number | ip
ip-address | mac mac-address | vlan
vlan-id | ucibindex ucib-index |
user-name user-name }
Chapter 1 AAA & RADIUS & HWTACAC
Command
1-24
S Configuration
Description
Required
This command is
only available for
service-type
of
lan-access

Advertisement

Table of Contents
loading

Related Manuals for H3C S3610 Series

Related Content for H3C S3610 Series

This manual is also suitable for:

S5510 series

Table of Contents