< Home

Configuring the Default Domain Based on the Access Type

This section provides a sample of configuring the default domain based on the access type using the merge method. You can also use the create method to configure the default domain based on the access type.

Table 1 Configuring the default domain based on the access type

Operation

XPATH

edit-config:merge

/huawei-nac:nac-access/configure-mode/unified-mode/authentication-profile/default-domain/access-default-domain/domain-name

/huawei-nac:nac-access/configure-mode/unified-mode/authentication-profile/default-domain/access-default-domain/access-type

Data Requirement

Table 2 Configuring the default domain based on the access type

Item

Data

Description

domain-name

domain2

Configure the default domain based on the access type.

The domain must exist on the switch.

Request Example

<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <target>
    <running/>
  </target>
  <error-option>rollback-on-error</error-option>
  <config>
    <aaa xmlns="urn:huawei:params:xml:ns:yang:huawei-aaa">
      <aaa-domain xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
        <name>domain2</name>
        <vsys>public</vsys>
      </aaa-domain>
    </aaa>
    <nac-access xmlns="urn:huawei:params:xml:ns:yang:huawei-nac">
      <authentication-profile xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
        <name>authen_pro</name>
        <default-domain>
          <access-default-domain>
            <access-type>dot1x</access-type>
            <domain-name>domain2</domain-name>
          </access-default-domain>
          <access-default-domain>
            <access-type>mac</access-type>
            <domain-name>domain2</domain-name>
          </access-default-domain>
          <access-default-domain>
            <access-type>portal</access-type>
            <domain-name>domain2</domain-name>
          </access-default-domain>
        </default-domain>
      </authentication-profile>
    </nac-access>
  </config>
</edit-config>

Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="DEVICECONFIG_012824316d704d43adb16b1a4245d273">
 <ok/>
</rpc-reply>

Sample of failed response

<?xml version='1.0' encoding='UTF-8'?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="52">
  <rpc-error>
    <error-app-tag>-1</error-app-tag>
    <error-message>config/undo access domain failed</error-message>
    <error-info>Error on node /huawei-nac:nac-access/authentication-profile[name="authen_pro"]/default-domain/access-default-domain[access-type="dot1x"]/domain-name</error-info>
  </rpc-error>
</rpc-reply>
Parent Topic: Configuring an Authentication Profile
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >