Professional Documents
Culture Documents
Contents
2.13.15 How Can I Dynamically Assign VLANs or ACLs to Users Through RADIUS?...............................................138
2.13.16 Why the idle-timeout Parameter Configured in the User Interface View Does Not Take Effect?...................... 139
2.13.17 Why a Level-1 User Can Use the Configuration-Level Commands?................................................................. 139
2.14 References................................................................................................................................................................ 139
3.9.16 (Optional) Configuring the Session Timeout Interval for Built-in Portal Authentication Users...........................238
3.9.17 (Optional) Configuring Voice Terminals to Go Online Without Authentication.................................................. 238
3.9.18 (Optional) Enabling URL Encoding and Decoding.............................................................................................. 239
3.9.19 Checking the Configuration...................................................................................................................................240
3.10 Configuring Combined Authentication.................................................................................................................... 241
3.11 Maintaining NAC..................................................................................................................................................... 242
3.11.1 Clearing 802.1x Authentication Statistics............................................................................................................. 242
3.11.2 Clearing MAC Address Authentication Statistics................................................................................................. 242
3.11.3 Clearing Statistics on Traffic of Users in a User Group........................................................................................ 243
3.11.4 Forcing Users Offline............................................................................................................................................ 243
3.12 Configuration Examples........................................................................................................................................... 243
3.12.1 Example for Configuring 802.1x Authentication to Control Internal User Access.............................................. 243
3.12.2 Example for Configuring MAC Address Authentication to Control Internal User Access.................................. 248
3.12.3 Example for Configuring Built-in Portal Authentication to Control Internal User Access.................................. 251
3.12.4 Example for Configuring External Portal Authentication to Control Internal User Access................................. 254
3.12.5 Example for Configuring Combined Authentication on a Layer 2 Interface........................................................ 258
3.12.6 Example for Configuring Combined Authentication on VLANIF Interface.........................................................262
3.12.7 Example for Configuring User Group................................................................................................................... 266
3.13 FAQ...........................................................................................................................................................................270
3.13.1 Why Users Fail Authentication When the Access Device and AAA Server Configurations Are Correct?..........270
3.13.2 Why 802.1x Authentication Users Cannot Pass Authentication When a Layer 2 Switch Exists Between the
802.1x-Enabled Device and Users?..................................................................................................................................270
3.13.3 How Can I Select 802.1x User Authentication Modes for Different 802.1x Client Software?............................ 271
3.13.4 Why There Are a Large Number of 802.1x Authentication Logs?....................................................................... 271
3.13.5 Why an 802.1x User Is Automatically Disconnected After Passing Authentication?.......................................... 271
3.13.6 Why an 802.1x User Cannot Obtain an IP Address After Passing Authentication?............................................. 271
3.13.7 How Are Dumb Terminals such as Printers Authenticated in an 802.1x Network?............................................. 272
3.13.8 Why an 802.1x User Still Fails MAC Address Bypass Authentication After an Authentication Failure?........... 272
3.13.9 Does a Portal Authentication User Need to Obtain an IP Address Before Passing Authentication?....................272
3.14 References................................................................................................................................................................ 272