EasyManuals Logo

Ruijie RG-WLAN Series User Manual

Ruijie RG-WLAN Series
1243 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #761 background imageLoading...
Page #761 background image
Configuration Guide Configuring AAA
Common Errors
For RADIUS servers that use non-default authentication and accounting ports, when you run the server command to
add servers, specify the authentication or accounting port.
Only the RADIUS server group can be configured with the VRF attribute.
2.4.5 Configuring the Domain-Based AAA Service
Configuration Effect
Create AAA schemes for 802.1X users in different domains.
Notes
About referencing method lists in domains:
The AAA method lists that you select in domain configuration mode should be defined in advance. If the method lists
are not defined in advance, when you select them in domain configuration mode, the system prompts that the
configurations do not exist.
The names of the AAA method lists selected in domain configuration mode must be consistent with those of the method
lists defined for the AAA service. If they are inconsistent, the AAA service cannot be properly provided to the users in
the domain.
About the default domain:
Default domain: After the domain-based AAA service is enabled, if a username does not carry domain information, the
AAA service is provided to the user based on the default domain. If the domain information carried by the username is
not configured in the system, the system determines that the user is unauthorized and will not provide the AAA service
to the user. If the default domain is not configured initially, it must be created manually.
When the domain-based AAA service is enabled, the default domain is not configured by default and needs to be
created manually. The default domain name is default. It is used to provide the AAA service to the users whose
usernames do not carry domain information. If the default domain is not configured, the AAA service is not available for
the users whose usernames do not carry domain information.
About domain names:
The domain names carried by usernames and those configured on the NAS are matched in the longest matching
principle. For example, if two domains, domain.com and domain.com.cn are configured on a NAS and a user sends a
request carrying aaa@domain.com, the NAS determines that the user belongs to domain.com, instead of
domain.com.cn.
If the username of an authenticated user carries domain information but the domain is not configured on the NAS, the
AAA service is not provided to the user.
Configuration Steps
Enabling AAA

Table of Contents

Other manuals for Ruijie RG-WLAN Series

Preview: Rgos Command Reference
Rgos Command Reference657 pages
Preview: Configuration Guide
Configuration Guide712 pages
Preview: Web-Based Configuration Guide
Web-Based Configuration Guide71 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Ruijie RG-WLAN Series and is the answer not in the manual?

Ruijie RG-WLAN Series Specifications

General IconGeneral
BrandRuijie
ModelRG-WLAN Series
CategoryWireless Access Point
LanguageEnglish

Related product manuals