Forgot password?
 Register now

Welcome to use this form to feedback your problems with Ruijie Community

The category of your feedback

Your Feedback

Your Email address (optional):

Do Ruijie switches support authentication migration? Reply

wxd521404

Level 1

Do Ruijie switches support authentication migration?
7407 1 2017-7-4 17:33:41
Original
Do Ruijie switches support authentication migration?

0 2017-7-4 17:41:37 View all replies
Non-core devices only support dot1xauthentication migration, but do not support web authentication migration.
Core devices, such as the RG-N18000-X support dot1x authentication migration, support web authentication migration.
The configuration is as follows:

NecessaryUser authentication migration

1. Principle introduction:
Scenario 1: When online user authentication cross-supervlan migration, must open the user authentication migration function, otherwise it will cause the table entry of original authentication is still online, the terminal to the new vlan/port will not be re-authentication.

Scenario 2: Online user authentication in the same supervlan, migration in different subvlan, and the IP address before and after migration is unchanged. After the configuration of user authentication migration, free authentication before and after migration (not popup the portal page). Resolve the user experience reduced after re-authentication.

Scenario 3: When online user authentication cross-supervlan migration, even the user authentication migration is configured, still need to re- authentication can access the network (popup the portal page).

Scenario 4: Cheating scenario, User A is authenticated in VLAN A, and user B (fake the same mac address) login with the same username and password/mac address in VLAN B, simulation authentication migration. When RG-N18000-X run into this kind of cheating scenario, will send arp detection of user A in the VLAN A, when it receives the arp reply of user A to determine the cheating scenario, does not allow authentication migration.

Note:Vlan refers to subvlan.


2. Configuration command:
Station-move permit     //Necessary, the main switch of all authentication migration, must be open. Enable the 802.1x authentication migration function command, when a user triggers an authentication migration, will automatically delete the authentication table entry which before migration, and automatically add the authentication table entry which after migration.

Web-auth station-move auto     //Necessary, enable web-auth authentication migration, when a user triggers an authentication migration, web-auth module will automatically delete the authentication table entry which before migration, and automatically add the authentication table entry which after migration.

Web-auth station-move update-info     //Necessary, when the web-auth authentication migration is enable, the latest value of the user vid/port is announce to the RADIUS server by accounting update message.

3. Announcements:
Subvlan will change when user migration corresponding vlan changed.
If the user migrates across the supervlan, the IP address changes before and after the migration. Can not complete the migration.




Related Posts
Product Model

Share this topic to

Cancel

This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.

More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.

©2000-2023 Ruijie Networks Co,Ltd