EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #154 background imageLoading...
Page #154 background image
141
Applying a NAS-ID profile to an interface
By default, the device sends its device name in the NAS-Identifier attribute of any RADIUS requests.
A NAS-ID profile enables you to send different NAS-Identifier attribute strings in RADIUS requests
from different VLANs. The strings can be organization names, service names, or any user
categorization criteria, depending on the administrative requirements.
For example, map the NAS-ID companyA to all VLANs of company A. The device will send
companyA in the NAS-Identifier attribute for the RADIUS server to identify requests from any
Company A users.
You can apply a NAS-ID profile to a portal-enabled interface. If no NAS-ID profile is specified on the
interface or no matching NAS-ID is found in the specified profile, the device uses the device name as
the interface NAS-ID.
To apply a NAS-ID profile to an interface:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2. Create a NAS-ID profile and
enter NAS-ID profile view.
aaa
nas-id
profile
profile-name
For more information about this
command, see Security
Commands Reference.
3. Configure a NAS ID and
VLAN binding in the profile.
nas-id
nas-identifier
bind
vlan
vlan-id
By default, no NAS ID and VLAN
binding exists.
For more information about this
command, see Security
Commands Reference.
4. Return to system view.
quit
N/A
5. Enter interface view.
interface
interface-type
interface-number
N/A
6. Specify the NAS-ID profile on
the interface.
portal
nas-id-profile
profile-name
By default, no NAS-ID profile is
specified on the interface.
Enabling portal roaming
Portal roaming takes effect only on portal users logging in from VLAN interfaces.
If portal roaming is enabled on a VLAN interface, an online portal user can access resources from
any Layer 2 port in the VLAN without re-authentication.
If portal roaming is disabled, to access external network resources from a Layer 2 port different from
the current access port in the VLAN, the user must do the following:
• First log out from the current port.
• Then re-authenticate on the new Layer 2 port.
To enable portal roaming:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enable portal roaming.
portal roaming enable
By default, portal roaming is
disabled.
You cannot enable portal roaming
when login users exist on the

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals