3Com 8807 Configuration Manual page 240

240 C 26: AAA
HAPTER AND
Configuring Relevant
Attributes of an ISP
Domain
RADIUS/HWTACACS P
ROTOCOL
For 3Com Series Switches, each supplicant belongs to an ISP domain. Up to 16
domains can be configured in the system. If a user has not reported its ISP domain
name, the system will put it into the default domain.
Perform the following configuration in system view.
Table 198 Create/Delete an ISP domain
Operation
Create ISP domain or enter the view of a
specified domain
Remove a specified ISP domain
Enable the default ISP domain specified by
isp-name
Restore the default ISP domain to "system"
By default, a domain named "system" has been created in the system. The
attributes of "system" are all default values.
The relevant attributes of ISP domain include the adopted RADIUS scheme, ISP
domain state, maximum number of supplicants, accounting optional
enable/disable state, address pool definition, IP address assignment for PPP
domain users, and user idle-cut enable/disable state where:
The adopted RADIUS scheme is the one used by all the users in the ISP domain.
■
The RADIUS scheme can be used for RADIUS authentication or accounting. By
default, the default RADIUS scheme is used. The command shall be used
together with the commands of setting RADIUS server and server cluster. For
details, refer to the following Configuring RADIUS section of this chapter. If
Local is configured as the first scheme, only the Local scheme will be adopted,
neither RADIUS nor HWTACACS scheme will be adopted. When Local scheme
is adopted, only authentication and authorization will be performed,
accounting will not be performed. None has the same effect as Local. The
usernames used for Local authentication carry no domain name, so if the Local
scheme is configured, pay attention not to add domain name to the username
when you configure a Local user.
Every ISP domain has two states: Active and Block. If an ISP domain is in Active
■
state, the users in it are allowed to request network services, while in Block
state, its users are inhibit from requesting any network service, which will not
affect the users already online. An ISP is in Active state once it is created, that
is, at that time, all the users in the domain are allowed to request network
services.
Maximum number of supplicants specifies how many supplicants can be
■
contained in the ISP. For any ISP domain, there is no limit to the number of
supplicants by default.
The idle cut function means: If the traffic from a certain connection is lower
■
than the defined traffic, cut off this connection.
The PPP access users can obtain IP addresses through the PPP address
■
negotiation function.
Perform the following configuration in ISP domain view.
C
ONFIGURATION
Command
domain isp-name
undo domain isp-name
domain default enable isp-name
domain default disable