Command Manual (For Soliton) – AAA
H3C S3100 Series Ethernet Switches
Chapter 1 AAA Configuration Commands
1-30
Description
Use the
vlan-assignment-mode
command to set the VLAN assignment mode (integer
or string) on the switch.
By default, the VLAN assignment mode is integer, that is, the switch supports its
RADIUS authentication server to assign integer VLAN IDs.
The dynamic VLAN assignment feature enables a switch to dynamically add the ports
of successfully authenticated users to different VLANs according to the attributes
assigned by the RADIUS server, so as to control the network resources that different
users can access.
In actual applications, to use this feature together with Guest VLAN, you are
recommended to set port control to port-based mode.
Currently, the switch supports the following two types of assigned VLAN IDs: integer
and string.
z
Integer: If the RADIUS authentication server assigns integer type of VLAN IDs,
you can set the VLAN assignment mode to integer on the switch (this is also the
default mode on the switch). Then, upon receiving an integer ID assigned by the
RADIUS authentication server, the switch adds the port to the VLAN whose VLAN
ID is equal to the assigned integer ID. If no such a VLAN exists, the switch first
creates a VLAN with the assigned ID, and then adds the port to the newly created
VLAN.
z
String: If the RADIUS authentication server assigns string type of VLAN IDs, you
can set the VLAN assignment mode to string on the switch. Then, upon receiving a
string ID assigned by the RADIUS authentication server, the switch compares the
ID with existing VLAN names on the switch. If it finds a match, it adds the port to
the corresponding VLAN. Otherwise, the VLAN assignment fails and the user fails
the authentication.
The switch supports two dynamic VLAN assignment modes to adapt to different
authentication servers. You are recommended to configure the switch according to the
dynamic VLAN assignment mode used by the server.
Table 1-4
lists several commonly used RADIUS servers and their dynamic VLAN
assignment modes.
Table 1-4
Commonly used servers and their dynamic VLAN assignment modes
Server
Dynamic VLAN assignment mode
CAMS
Integer
For the latest CAMS version, you can
determine the assignment mode by
attribute value.
ACS String