9.6.2 Advanced Authentication Configuration

高级配置

  • User Authentication: Clicking on enable indicates that the function will be available for use, but selecting disable means that it will not be available for use.
  • 用户认证:点击开启表示功能将可以使用,选择关闭此功能将不能使用
  • Dial After Expiration: Enable/Disable.
  • 到期仍可拨号:开启/关闭
  • Authentication Method: If local authentication is selected, the user account is the one that exists in Authentication User Management. If radius is used, the account will use the account on the radius server.
  • 认证方式:选择本地认证,用户的账号为 “认证用户管理” 中存在的账号,若使用radius,账号将使用 radius 服务器上的账号
  • Authentication Protocol: pap, chap, mschap, mschap-v2, select all by default.
  • 认证协议:pap、chap、mschap、mschap-v2,默认全选
  • MTU:1450
  • MTU:1450
  • MRU:1450
  • MRU:1450
  • Abnormal Disconnect Detection Time: 10 minutes by default.
  • 异常断开检测时间:默认 10 分钟
  • Abnormal Disconnection Detection Times:3 times by default.
  • 异常断开检测次数:默认为 3 次。
  • MPPE Encryption: Enable/Disable.
  • MPPE 加密:开启/关闭
  • MPPE Options: 40bit-MPPE request rejected, 56bit-MPPE request rejected, no status, all selected by default.
  • MPPE 选项:拒绝 40bit-MPPE 请求、拒绝 56bit-MPPE、无状态,默认全选
  • Enable Software Compression: Enable/Disable.
  • 启用软件压缩:开启/关闭
  • After the configuration is complete, the user can connect to the network via a dial-up connection.
  • 配置完成后,用户可通过拨号连接方式连接网络。

Advanced Features
高级特性

Authentication Mode Selection
认证方式选择
PPPoE can use two types of accounts, with locally created accounts being used by default.
PPPoE 可使用两种账号,默认使用本地创建的账号

  1. Local Authentication
  2. 本地认证
    For the account created locally, please refer to the document “Local Account Management” for how to create it.
    本地创建的账号,如何创建请参照文档 “本地账号管理”。
  3. RADIUS Authentication
  4. RADIUS 认证
    Accounts created by third-party RADIUS can be created and managed on the RADIUS server.
    第三方 RADIUS 创建的账号,到 RADIUS 服务器上进行账号创建管理。
    The account created by a third-party RADIUS server can be created and managed on the RADIUS server.

Allow Any Server Name to Access
允许任意服务器名接入

The PPPoE service can be configured with the service name of the current server (The identity of the server to distinguish other servers).
PPPoE 服务可以配置当前服务器的服务名称(本服务器标识,区分其他服务器)
If multiple PPPoE servers exist on the network, lower level dial-up clients can be required to bring the server name for dialing.
在网络内有多个 PPPoE 服务器的时候,可以要求下级拨号客户端带上服务器名称拨号
If “Allow any server name to access” is enabled, the server name on the lower-level client will not be checked.
开启 “允许任意服务器名接入” ,则不检查下级客户端带上的服务器名称
If ‘Allow any server name to access’ is not enabled, it is necessary to check the server name carried by the lower level client. If the name is incorrect, dialing cannot be successful.
不开启 “允许任意服务器名接入”, 则需要检查下级客户端带的服务器名称,名称不对则不能拨号成功

Only PPPoE access is allowed on the dial-up interface:
只允许拨号接口 PPPoE 接入:
Enable ->When there are other devices in the specified subnet, IP communication may still be required. In this case, selecting enable to prevent customers from accessing the Internet through IP addresses obtained by DHCP or manually specified.
开启—>当指定的子网内有其他设备时,可能还是需要有 IP 通讯,这时,选择开启,就防止客户通过 DHCP 获取的 IP 地址或手动指定的 IP 地址访问外网。
Disable ->The DHCP and PPPoE services are enabled on the specified subnet. The customer can access the Internet no matter the IP address obtained through DHCP, manually specified, or PPPoE dial-up.
关闭—>当指定的子网既开启了 DHCP 服务,又开启了 PPPoE 服务的时候,则客户不管是通过 DHCP 获取的 IP 地址或手动指定的 IP 的地址,或者是 PPPoE 拨号得到的地址,都可以访问外网。

Dial from Any Account: If “Dial from any account” is enabled, the user name and password will not be checked, and any information that the customer fills in can be dialed through.
任意账号拨号: 开启 “任意账号拨号”, 则不检查用户名和密码 ,随便客户填什么信息都可以拨号通过。

Can still dial after expiration: When a customer’s account expires, there are two strategies to choose from.
到期仍可拨号: 针对到期的用户采用何种策略来进行提醒,当客户的账号到期时,有两种策略可以选择

Enable ->
开启—>
Users are allowed to dial up to access the Internet at will, and at the same time cooperate with the following two strategies to manage the user’s Internet behavior.
允许用户任意拨号上网,同时配合以下两种策略方式,对用户的上网行为进行管理。
After an expired user successfully dials up, the device redirects the user’s access behavior to the specified page.
到期的用户在拨号成功后,设备会将客户的访问网络行为重定向到指定页面

  1. Redirect to the local expiration notification page.
    1、可重定向到本地的到期通告页面。
  2. Redirect to the URL address entered by the customer.
    2、重定向到客户输入的 URL 地址。

Disable ->
关闭—>
Prohibition of dialing means that the dialing failed.
禁止拨号,即拨号失败

作者:todaair01  创建时间:2023-05-22 15:34
最后编辑:todaair01  更新时间:2023-12-13 10:18