3com 3.01.01 Benutzerhandbuch

Sometimes it is necessary to disconnect a user or a category of users by force. The 
system provides the following command to serve this purpose. 

Perform the following configurations in system view. 

By default, no online user will be disconnected by force.

On the Switch 8800, the RADIUS protocol is configured per RADIUS server group 
basis. In a real networking environment, a RADIUS server group can be an 
independent RADIUS server or a set of primary/secondary RADIUS servers with the 
same configuration but two different IP addresses. Attributes of every RADIUS 
server group include IP addresses of primary and secondary servers, shared key and 
RADIUS server type, etc.

RADIUS protocol configuration only defines some necessary parameters using 
information for interaction between NAS and RADIUS Server. To make these 
parameters effective, it is necessary to configure, in the view, an ISP domain to use 
the RADIUS server group, and specify it to use RADIUS AAA schemes. For more 
about the configuration commands, refer to “Configuring AAA ”. 

Tasks for configuring RADIUS are described in the following sections:

■

■

■

■

■

■

■

■

■

Configure the attributes of lan-access users

attribute {ip ip-address | mac mac-address | 
idle-cut second | access-limit 
max-user-number | vlan vlanid | location { 
nas-ip ip-address port portnum | port 
portnum }* 

Remove the attributes defined for the 
lan-access users

undo attribute {ip | mac | idle-cut | 
access-limit | vlan | location }

Table 18   Disconnect a User by Force

Disconnect a user by force

cut connection {all | access-type {dot1x | 
gcm} | domain domain-name | interface 
portnum | ip ip-address | mac mac-address | 
radius-scheme radius-scheme-name | vlan 
vlanid | ucibindex ucib-index | user-name 
user-name }

Table 17   Set/Remove the Attributes Concerned with a Specified User