Configuring radius related attributes, Specifying nas-port-type for an interface, Specifying a nas id profile for an interface – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

167

Configuring RADIUS related attributes

Specifying NAS-Port-Type for an interface

NAS-Port-Type is a standard RADIUS attribute for indicating a user access port type. With this attribute

specified on an interface, when a portal user logs on from the interface, the device uses the specified
NAS-Port-Type value as that in the RADIUS request to be sent to the RADIUS server. If NAS-Port-Type is not

specified, the device uses the access port type obtained.
If there are multiple network devices between the Broadband Access Server (BAS, the portal

authentication access device) and a portal client, the BAS may not be able to obtain the correct access
port information of a user. For example, for a wireless client using portal authentication, the access port

type obtained by the BAS may be the type of the wired port that authenticates the user. To make sure that

the BAS delivers the right access port information to the RADIUS server, you must specify the

NAS-Port-Type according to the practical access environment.
To specify the NAS-Port-Type value for an interface:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view.

interface interface-type
interface-number

N/A

3.

Specify the NAS-Port-Type
value for the interface.

portal nas-port-type { ethernet |
wireless }

Not configured by default

Specifying a NAS ID profile for an interface

In some networks, users' access points are identified by their access VLANs. Network carriers need to
use NAS-identifiers to identify user access points. With a NAS ID profile specified on an interface, when

a user logs in from the interface, the access device checks the specified profile to obtain the NAS ID that

is bound with the access VLAN. The value of this NAS ID is used as that of the NAS-identifier attribute in

the RADIUS packets to be sent to the RADIUS server.
A NAS ID profile defines the binding relationship between VLANs and NAS IDs. A NAS ID-VLAN
binding is defined by the nas-id id-value bind vlan vlan-id command, which is described in detail in AAA

configuration commands in Security Command Reference.
If no NAS-ID profile is specified for an interface or no matching binding is found in the specified profile,

the device uses the device name as the interface NAS ID.
To configure a NAS ID profile for an interface:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create a NAS ID profile and
enter NAS ID profile view.

aaa nas-id profile profile-name

For more information about the
command, see Security Command

Reference.

3.

Bind a NAS ID with a VLAN. nas-id nas-identifier bind vlan

vlan-id

For more information about the
command, see Security Command

Reference.