128
To do… Use the command…
Remarks
Enable support for portal user
moving
portal move-mode auto
Required
Disabled by default
NOTE:
For a user with authorization information (such as authorized VLAN) configured, after the user moves
from a port to another, the device tries to assign the authorization information to the new port. If the
operation fails, the device deletes the user's information from the original port and re-authenticates the
user on the new port.
Specifying an Auth-Fail VLAN for portal
authentication
NOTE:
Only Layer 2 portal authentication supports this feature.
This task sets the Auth-Fail VLAN to be assigned to users failing portal authentication.
Before specifying an Auth-Fail VLAN, be sure to create the VLAN.
Follow these steps to specify an Auth-Fail VLAN for portal authentication:
To do… Use the command…
Remarks
Enter system view system-view —
Enter Layer 2 Ethernet interface
view
interface interface-type
interface-number
—
Specify an Auth-Fail VLAN for
portal authentication on the port
portal auth-fail vlan authfail-vlan-id
Required
Not specified by default
NOTE:
• To make the Auth-Fail VLAN of portal authentication on a port take effect, you also need to enable the
MAC-based VLAN function on the port. For information about MAC VLAN, see
Layer 2—LAN
Switching Configuration Guide
.
• You can specify different Auth-Fail VLANs for portal authentication on different ports. A port can be
specified with only one Auth-Fail VLAN for portal authentication.
• The MAC-VLAN entries generated in response to portal authentication failures do not overwrite the
MAC-VLAN entries already generated in other authentication modes.
Configuring RADIUS related attributes
NOTE:
Only Layer 3 portal authentication supports this feature.
To Next Page
Loading...
