Authentication schemes for mute terminals, Authentication priorities, Byod – H3C Technologies H3C Intelligent Management Center User Manual
Page 40
22
Authentication
function
Authentication
method
Credential
transmission
method
Supporte
d client
Credential storage location
Username/
password
Certificate
IPsec
Pre-shared key
IPsec
iNode PC
(Windows
)
Third-party
client
VPN gateway
None
Mutual certificate
authentication
between client
and VPN
gateway
IPsec
iNode PC
(Windows
)
Third-party
client
None
Root
certificate: PC
and VPN
gateway
Device
certificate:
VPN gateway
Client
certificate: PC
Authentication schemes for mute terminals
Mute terminals refer to terminals that cannot actively initiate authentication, such as IP phones and
printers.
Table 3 Authentication schemes for mute terminals
Authentication
function
Authentication
method
Credential
transmission
method
Supported
client
Credential storage
location
Wired-MAC
MAC
authentication
PAP
CHAP
None UAM
Authentication priorities
To avoid conflict caused by username/password authentication, transparent MAC authentication, and
mute terminal authentication that all can process authentication requests containing usernames in MAC
address format, UAM determines authentication priorities in the following order from high to low:
•
Mute terminal authentication.
•
Transparent MAC authentication.
•
Username/password authentication.
Transparent portal authentication does not cause authentication conflict because portal authentication
processes the target MAC address before transparent portal authentication is performed.
BYOD
UAM supports Bring You Own Device (BYOD), which allows you to apply different access policies to
users in different access scenarios. An access scenario includes the following items:
•
Access device