How are users forcibly disconnected from the AR router


When online users are unauthorized, the number of online users reaches the maximum, or AAA services need to be configured, you can force online users to go offline by specifying the domain name, interface, IP address, MAC address, slot ID, and user group. The configuration is as follows:
1. Run the display access-user command in any view to check online users who need to be disconnected forcibly.
2. Run the cut access-user { domain domain-name | interface interface-type interface-number [ vlan vlan-id [ qinq qinq-vlan-id ] ] | ip-address ip-address [ vpn-instance vpn-instance-name ] | mac-address mac-address | slot slot-id | ssid ssid-name | user-group group-number | user-id begin-number [ end-number ] } command in the AAA view to force users to go offiline based on the specified domain name, interface, IP address, MAC address, slot ID and user group.

Other related questions:
How do I force an online user to go offline

You can run the free user-interface { ui-number | ui-type ui-number1 } command to remove a user from a specified user interface, that is, disconnect the user from the device.

This command does not take effect for the current user. For example, if the user interface of the current user is VTY 2, the free user-interface vty 2 command does not take effect and the system displays an error message.

<Huawei> free user-interface 0
Warning: User interface Console1 will be freed. Continue? [Y/N]:y

How are NAT session tables of the AR router forcibly aged
Run the reset nat session all command to age the NAT session table.

How do I disconnect L2TP users on an AR
Use the following methods to disconnect L2TP users:
- Disconnect all users of the L2TP tunnel.
 1. Run the display l2tp tunnel [ tunnel-item <tunnel-id> | tunnel-name <tunnel-name> ] command in any view to check the ID of the tunnel to be terminated or remote tunnel name.
 2. Run the reset l2tp tunnel { peer-name <remote-name> | <local-id tunnel-id> } command in the user view to terminate the tunnel connection based on the local tunnel ID or remote tunnel name.
- Disconnect an L2TP user.
 1. Run the display l2tp session [ destination-ip <d-ip-address> | session-item <session-id> | source-ip <s-ip-address> ] command in any view to check the ID of the local session to be terminated based on the remote IP address.
 2. Run the reset l2tp session session-id <session-id> command in teh user view to terminate the session based on the local session ID.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top