3com 8807 Reference Guide
352
C
HAPTER
21: AAA
AND
RADIUS/HWTACACS P
ROTOCOL
C
ONFIGURATION
C
OMMANDS
servers reject the username including ISP domain name. In this case, the username
will be sent to the RADIUS server after its domain name is removed. Accordingly,
the switch provides this command to decide whether the username to be sent to
RADIUS server carries ISP domain name or not.
will be sent to the RADIUS server after its domain name is removed. Accordingly,
the switch provides this command to decide whether the username to be sent to
RADIUS server carries ISP domain name or not.
n
If a RADIUS scheme is configured to reject usernames including ISP domain names,
the RADIUS scheme shall not be simultaneously used in more than one ISP
domains. Otherwise, the RADIUS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username (excluding
their respective domain names.)
the RADIUS scheme shall not be simultaneously used in more than one ISP
domains. Otherwise, the RADIUS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username (excluding
their respective domain names.)
Related command: radius scheme.
Example
# Specify to send the username without domain name to RADIUS scheme.
[3Com-radius-3com] user-name-format without-domain
vpn-instance
Syntax
vpn-instance vpn-name
View
RADIUS scheme view
Parameter
vpn-name: The name of the VPN instance, which is a string of 1 to 19 characters.
Description
Use the vpn-instance command to configure the VPN that the RADIUS scheme
belongs to.
belongs to.
Use the undo vpn-instance command to cancel the configuration for VPN.
The VPN in this command must exist and must be assigned with an route
distinguisher (RD). One RADIUS scheme can only be bound to one VPN.
distinguisher (RD). One RADIUS scheme can only be bound to one VPN.
n
The nas-ip configured must belong to the VLAN bound to the specified VPN after
a VPN is specified by the RADIUS scheme; otherwise the packets cannot be sent.
Also pay attention to this point when configuring global RADIUS nas-ip.
a VPN is specified by the RADIUS scheme; otherwise the packets cannot be sent.
Also pay attention to this point when configuring global RADIUS nas-ip.
Related command: radius scheme.
Example
# Specify the VPN to which the RADIUS server belongs in the RADIUS scheme
"3com" as vpn1.
"3com" as vpn1.
[3Com-radius-3com] vpn-instance vpn1