274 CHAPTER 11: 802.1X CONFIGURATION
users of different ISP. Because the attributes of ISP users, such as username and
password formats, and so on, may be different, it is necessary to differentiate
them through setting ISP domain. In the Switch 5500G-EI units, ISP domain view,
you can configure a complete set of exclusive ISP domain attributes on a per-ISP
domain basis, which includes AAA policy ( RADIUS scheme applied etc.)
For the Switch 5500G-EI, each user belongs to an ISP domain. Up to 16 domains
can be configured in the system. If a user has not reported their ISP domain name,
the system will put them into the default domain.
Perform the following configurations in System View.
Table 301 Creating/Deleting an ISP Domain
By default, a domain named “system” has been created in the system. Its
attributes are all default values.
Configuring Relevant
Attributes of the ISP
Domain
The relevant attributes of ISP domain include the AAA scheme, domain state,
maximum number of users, the idle-cut function, the accounting optional option,
the messenger alert and self-service server URL.
Perform the following configurations in ISP Domain View.
Configuring AAA Scheme
The AAA schemes includes:
■ RADIUS scheme — you can implement authentication, authorization, and
accounting by referencing the RADIUS server group. The adopted RADIUS
scheme is the one used by all the users in the ISP domain. For detailed
information of the commands of setting RADIUS scheme, refer to the following
Configuring RADIUS section of this chapter.
■ Local authentication — if you use the local scheme, you can only implement
authentication and authorization at local without RADIUS server.
■ None — no authentication and accounting.
Table 302 Configuring AAA Scheme Adopted by the ISP Domain
By default, after an ISP domain is created, the default AAA scheme is local. You
cannot use a RADIUS scheme together with the
local or none scheme.
Operation Command
Create ISP domain or enter the view
of a specified domain.
domain
isp_name
Remove a specified ISP domain undo domain
isp_name
Enable the default ISP domain
specified by
isp-name
domain default enable
isp_name
Restore the default ISP domain to
"system"
domain default disable
Operation Command
Configure an AAA scheme for the domain. scheme { radius-scheme
radius_scheme_name
| local | none }
Configure a RADIUS scheme radius-scheme
radius_scheme_name
Restore the default AAA scheme. undo scheme { radius-scheme
radius_scheme_name
| none }
To Next Page