Got it
Huawei Enterprise Support Community
Community Forums WLAN
WLAN User access authenti...

WLAN User access authentication

Latest reply: Nov 27, 2018 05:36:12 873 12 11 0 0
View the author 1#

comparison between EAP relay and EAP termination:

Ø  EAP termination: The device directly parses EAP packets, encapsulates user authentication information into a RADIUS packet, and sends the packet to the RADIUS server for authentication. EAP termination is classified into PAP or CHAP authentication.

Ø  EAP relay (specified by eap): The device encapsulates EAP packets into RADIUS packets and sends the RADIUS packets to the RADIUS server. The device does not parse the received EAP packets but encapsulates them into RADIUS packets. This mechanism is called EAP over Radius (EAPoR).

Ø  The EAP relay can be configured for 802.1x users only when RADIUS authentication is used.

If AAA local authentication is used, the authentication mode for 802.1x users can only be set to EAP termination.

Because mobile phones do not support EAP termination mode (PAP and CHAP), the 802.1x authentication + local authentication mode cannot be configured for mobile phones. Terminals such as laptop computers support EAP termination mode only after having third-party clients installed.

 

MAC Address Authentication:

MAC address authentication controls a user's network access rights based on the user's interface and MAC address. The user does not need to install any client software. The device starts authenticating a user when detecting the user's MAC address for the first time on the interface where MAC address authentication has been enabled. During the authentication process, the user does not need to enter a user name or password

 

Portal Authentication

Portal authentication is also called web authentication. Generally, Portal authentication websites are also called Portal websites. When users go online, they must be authenticated on Portal websites. The users can use network resources only after they pass the authentication.

A user can access a known Portal authentication website and enter a user name and password for authentication. This mode is called active authentication. If a user attempts to access other external networks through HTTP, the device forcibly redirects the user to the Portal authentication website for Portal authentication. This mode is called forcible authentication.

 

 

 

Like (11) Dislike (0) Favorite(0) Share Report
Previous: Problem
Next: only one PC cannot connect WIFI
(0) (0)
2#
Torrent
Created Oct 27, 2018 06:50:01

MAC Address Authentication:

MAC address authentication controls a user's network access rights based on the user's interface and MAC address. The user does not need to install any client software. The device starts authenticating a user when detecting the user's MAC address for the first time on the interface where MAC address authentication has been enabled. During the authentication process, the user does not need to enter a user name or password


this explain is very clear, can you also explain like this about the 802.1X authentication?  thanks very much.

This post was last edited by Torrent at 2018-10-31 06:26.
View more
  • x
  • convention:
(0) (0)
3#
SupperRobin
Created Oct 27, 2018 06:50:08

Thanks for you share about this which is very useful for my daily work.
And now i can easy to check the ISSUE if i face any issue about this.before this i aways do not know how to deal with them,and wasted a lot of time to serch this.Thanks agin for you selfless Sharing, Hope you can aways work like this.:):):)
View more
  • x
  • convention:
(0) (0)
4#
Skay
Created Oct 27, 2018 07:26:29

Thanks for your sharing, the key information is very useful.

A user can access a known Portal authentication website and enter a user name and password for authentication. This mode is called active authentication. If a user attempts to access other external networks through HTTP, the device forcibly redirects the user to the Portal authentication website for Portal authentication. This mode is called forcible authentication.
View more
  • x
  • convention:
(0) (0)
5#
lizhi94
Created Oct 27, 2018 07:29:15

the sharing of technology enrichs my knowledge and the professional answer is totally right to bring me the new viewpoint.
at the sametime ,it is necessary for me to read the posts. within the posts cuting large amouts of fact meterials, which encourage me to be better.
one hand, i have aquired a large number of skills which is very useful for us and is interesting for us to remember it.
another hand, that a good post which is in network technology contains a lot of excellent experience.
thanks very much for your sharing. we are so happy for your next sharing like this.
View more
  • x
  • convention:
(0) (0)
6#
wanglei259
Created Oct 27, 2018 07:32:16

Thanks for your sharing ,which is a wonderful guidance, i really interested in this article, which is useful for us and improvement product technology and become to a professional engineer .
I hope that you can insist post new kownlege and skills, i will alawys keep an eye on your sharing.
View more
  • x
  • convention:
(0) (0)
7#
SupperRobin
Created Oct 27, 2018 07:41:19

You can run the poe power-off time-range command to configure a PoE power-off time range on an interface. If the current time is within the specified time range, the PD connected to the interface cannot be powered on.
To cancel a configured PoE power-off time range on an interface, run the undo poe power-off time-range command. The time range does not take effect on the PD connected to the interface; however, the configuration of the time range is still saved.

This post was last edited by SupperRobin at 2018-10-31 06:24.
View more
  • x
  • convention:
(0) (0)
8#
Finn92
Created Oct 27, 2018 07:41:43

A user can access a known Portal authentication website and enter a user name and password for authentication. This mode is called active authentication. If a user attempts to access other external networks through HTTP, the device forcibly redirects the user to the Portal authentication website for Portal authentication. This mode is called forcible authentication.

 

i have idea how to explain portal authentication to customer , thank you very much .

This post was last edited by Finn92 at 2018-10-31 09:01.
View more
  • x
  • convention:
(0) (0)
9#
Mark.hu
Created Oct 27, 2018 07:57:16

Finally found an understanding of MAC address authentication controls a user's network access rights based on the user's interface and MAC address. The user does not need to install any client software. The device starts authenticating a user when detecting the user's MAC address for the first time on the interface where MAC address authentication has been enabled. During the authentication process, the user does not need to enter a user name or password This post was last edited by Mark.hu at 2018-10-30 09:06.
View more
  • x
  • convention:
(0) (0)
10#
No.9527
Created Oct 27, 2018 08:08:42

Mode in which Ekahau location packets are reported.

  • Through AC: An AP reports Ekahau location packets to an AC, and the AC forwards them to the Ekahau location server.
  • AP: An AP directly reports Ekahau location packets to the Ekahau location server without sending them to the AC.
This post was last edited by No.9527 at 2018-10-31 03:36.
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.