Operation Manual - Security
Quidway S3500 Series Ethernet Switches Chapter 3 AAA and RADIUS Protocol Configuration
Huawei Technologies Proprietary
3-7
Operation Command
Cancel the service type of
the specified user (For
S3526, S3526 FM and
S3526 FS)
undo service-type { ftp [ ftp-directory ] |
lan-access | telnet [ level level ] }
Configure the attributes of
lan-access users
attribute { ip ip-address | mac mac-address |
idle-cut second | access-limit max-user-number |
vlan vlanid | location { nas-ip ip-address port
portnum | port portnum }*
Remove the attributes
defined for the lan-access
users
undo attribute { ip | mac | idle-cut | access-limit |
vlan | location }*
3.2.5 Disconnecting a User by Force
Sometimes it is necessary to disconnect a user or a category of users by force. The
system provides the following command to serve for this purpose.
Perform the following configurations in system view.
Table 3-6 Disconnecting a user by force
Operation Command
Disconnect a
user by force
cut connection { all | access-type { dot1x | portal } | domain
domain-name | interface portnum | ip ip-address | mac
mac-address | radius-scheme radius-scheme-name | vlan
vlanid | ucibindex ucib-index | user-name user-name }
By default, no online user will be disconnected by force.
3.2.6 Configuring Dynamic VLAN with RADIUS Server
 Note:
Among S3500 series ethernet switches, S3552G, S3552P, S3528G, S3528P, S3526E,
S3526E FM, S3526E FS and S3526C support this function, and S3526, S3526 FM and
S3526 FS don’t.
Based on the delivery attribute value of the RADIUS server, the switch adds the ports of
the users who have passed the authentication to different VLANs, for purpose of
controlling the network resources that the users can access. In the practical
applications, the ports are set in port-based mode in order to work together with Guest
To Next Page
Loading...
Need help?
General
