3Com 10014298 - page 218

218 CHAPTER 9: AAA AND RADIUS OPERATION

userid@isp-name format, the system will take userid part as username for

identification and take isp-name part as domain name.

The purpose of introducing ISP domain settings is to support the multi-ISP

application environment. In such an environment, one access device might access

users of different ISPs. Because the attributes of ISP users, such as username

support and password formats, etc., are usually different, it is necessary to group

them by setting ISP domain. In the Switch 7750 ISP domain view, you can

configure a complete set of exclusive ISP domain attributes on a per-ISP domain

basis, which includes AAA policy (RADIUS server group applied etc.)

For the Switch 7750, each supplicant belongs to an ISP domain. Up to 16 domains

can be configured in the system. If a user has not reported its ISP domain name,

the system will put it into the default domain.

Perform the following configurations in system view.

By default, the domain name system is already created. The attributes of system

are all default values.

Configuring Relevant Attributes of an ISP Domain

The relevant attributes of an ISP domain include the adopted RADIUS server

group, state, and maximum number of supplicants. Note the following:

■The adopted RADIUS server group is the one used by all the users in the ISP

domain. The RADIUS server group can be used for RADIUS authentication or

accounting. By default, the default RADIUS server group is used. For details,

refer to “Configuring the RADIUS Protocol ”.

■Every ISP has active/block states. If an ISP domain is in active state, the users

can request for network service, while in block state, users cannot request any

network service. An ISP is in the block state when it is created.

■Maximum number of supplicants specifies how many supplicants can be

contained in the ISP. By default, for any ISP domain, there is no limit to the

number of supplicants.

■The idle cut function means that if the traffic from a certain connection is lower

than the defined traffic, cut off the connection.

Perform the following configurations in ISP domain view.

Tabl e 229 Create/Delete ISP Domain

Operation Command

Create ISP domain or enter the view of a

specified domain.

domain [ isp-name | default {

disable | enable isp-name } ]

Remove a specified ISP domain undo domain isp-name

Tabl e 230 Configure Relevant Attributes of ISP Domain

Operation Command

Specify the adopted RADIUS server group radius-scheme radius-scheme-name

Specify the ISP domain state to be used state { active | block }

Set a limit to the amount of supplicants access-limit { disable | enable

max-user-number }