To configure a subscriber authentication policy

Purpose

Perform this procedure to create a DHCP-based subscriber authentication policy that defines the parameters for dynamically created subscriber host sessions and authenticates the sessions. The NFM-P supports up to 32 subscriber authentication policies.

Steps
 

From the NFM-P main menu, choose Policies→AAA Policies→Subscriber Authentication. The Subscriber Authentication form opens.

Click Create or select an existing subscriber authentication policy and click Properties. The Subscriber Authentication Policy (Create|Edit) form opens.

Configure the required parameters.

The NAS Port Bit Specification parameter is configurable when the NAS Port option is enabled for the RADIUS Attributes parameter.

The Calling Station ID Type parameter is configurable when the Calling Station ID option is enabled for the RADIUS Attributes parameter.

The Port Type parameter is configurable when the NAS Port Type option is enabled for the RADIUS Attributes parameter.

The Port Type Value parameter is configurable when the NAS Port Type option is enabled for the RADIUS Attributes parameter, and the Port Type parameter is set to Config.

The Port Prefix Type, Port Prefix String, and Port Suffix Type parameters are configurable when the NAS Port ID option is enabled for the RADIUS Attributes parameter.

If you need to configure PAP/CHAP user name re-writing, configure the required parameters in the User Name panel.

The Domain Name parameter is configurable when the User Name Operation parameter is set to Append, Replace, or Use As Default.

In the RADIUS Fallback panel, configure the required parameters.

The Local User DB Name parameter is configurable when the Fallback Action parameter is set to User DB.

In PPP User Name panel, configure the required parameters.

The Domain Name parameter is configurable when the User Name Operation parameter is set to Append, Replace, or Use As Default.

Configure RADIUS script policies.

  1. Select an accept script.

  2. Select a CoA script.

  3. Select a request script.

Select a RADIUS server policy.

Click on the RADIUS Servers tab to configure the RADIUS servers for the policy.

  1. Configure the required parameters:

    If you set the Router Instance parameter to VPRN, select a VPRN site on the VPRN ID panel.

  2. Click Create. The RADIUS Entry form opens.

  3. Configure the required parameters.

  4. Save your changes and close the form.

10 

Save your changes and close the form. See To release and distribute a policy to distribute the policy to NEs.

End of steps