9.6.2 Advanced Authentication Configuration

  • User Authentication: Clicking on enable indicates that the function will be available for use, but selecting disable means that it will not be available for use.

  • Dial After Expiration: Enable/Disable.

  • Authentication Method: If local authentication is selected, the user account is the one that exists in Authentication User Management. If radius is used, the account will use the account on the radius server.

  • Authentication Protocol: pap, chap, mschap, mschap-v2, select all by default.

  • MTU:1450

  • MRU:1450

  • Abnormal Disconnect Detection Time: 10 minutes by default.

  • Abnormal Disconnection Detection Times:3 times by default.

  • MPPE Encryption: Enable/Disable.

  • MPPE Options: 40bit-MPPE request rejected, 56bit-MPPE request rejected, no status, all selected by default.

  • Enable Software Compression: Enable/Disable.

  • After the configuration is complete, the user can connect to the network via a dial-up connection.

Advanced Features

Authentication Mode Selection

PPPoE can use two types of accounts, with locally created accounts being used by default.

  1. Local Authentication

For the account created locally, please refer to the document “Local Account Management” for how to create it.

  1. RADIUS Authentication

Accounts created by third-party RADIUS can be created and managed on the RADIUS server.

The account created by a third-party RADIUS server can be created and managed on the RADIUS server.

Allow Any Server Name to Access

The PPPoE service can be configured with the service name of the current server (The identity of the server to distinguish other servers).

If multiple PPPoE servers exist on the network, lower level dial-up clients can be required to bring the server name for dialing.

If “Allow any server name to access” is enabled, the server name on the lower-level client will not be checked.

If ‘Allow any server name to access’ is not enabled, it is necessary to check the server name carried by the lower level client. If the name is incorrect, dialing cannot be successful.

Only PPPoE access is allowed on the dial-up interface:

Enable ->When there are other devices in the specified subnet, IP communication may still be required. In this case, selecting enable to prevent customers from accessing the Internet through IP addresses obtained by DHCP or manually specified.

Disable ->The DHCP and PPPoE services are enabled on the specified subnet. The customer can access the Internet no matter the IP address obtained through DHCP, manually specified, or PPPoE dial-up.

Dial from Any Account: If “Dial from any account” is enabled, the user name and password will not be checked, and any information that the customer fills in can be dialed through.

Can still dial after expiration: When a customer’s account expires, there are two strategies to choose from.

Enable ->

Users are allowed to dial up to access the Internet at will, and at the same time cooperate with the following two strategies to manage the user’s Internet behavior.

After an expired user successfully dials up, the device redirects the user’s access behavior to the specified page.

  1. Redirect to the local expiration notification page.

  2. Redirect to the URL address entered by the customer.

Disable ->

Prohibition of dialing means that the dialing failed.

作者:todaair01  创建时间:2023-05-22 15:34
最后编辑:todaair01  更新时间:2023-12-13 10:19