Creating an isp domain, Configuring isp domain attributes – H3C Technologies H3C SecPath F1000-E User Manual

Page 219

209

Creating an ISP domain

In a networking scenario with multiple ISPs, an access device may connect users of different ISPs, and

users of different ISPs may have different user attributes, such as different username and password

structures, different service types, and different rights. To distinguish the users of different ISPs, configure
ISP domains, and configure different AAA methods and domain attributes for the ISP domains.
On a NAS, each user belongs to an ISP domain. A NAS can accommodate up to 16 ISP domains,

including the system predefined ISP domain system. You can specify one of the ISP domains as the

default domain. If a user provides no ISP domain name at login, the firewall considers that the user

belongs to the default ISP domain.
To create an ISP domain:

Step Command

Remarks

Enter system view.

system-view

N/A

Create an ISP domain and

enter ISP domain view.

domain isp-name N/A

Return to system view.

quit

N/A

Specify the default ISP
domain.

domain default enable
isp-name

Optional.
By default, the default ISP domain is the
system predefined ISP domain system.

NOTE:

To delete the ISP domain that is functioning as the default ISP domain, you must change it to a non-default
ISP domain by using the undo domain default

enable command.

Configuring ISP domain attributes

To configure ISP domain attributes:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter ISP domain view.

domain isp-name

N/A

Place the ISP domain to the

state of active or blocked.

state { active | block }

Optional.
By default, an ISP domain is in active

state, and users in the domain can
request network services.

Specify the maximum number

of active users in the ISP
domain.

access-limit enable
max-user-number

Optional.
No limit by default.

Configure the idle cut function. idle-cut enable minute [ flow ]

Optional.
Disabled by default.
This command applies only to portal
and PPP users.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS