Configuring the NAC Unified Mode
Context
NAC supports the common mode and unified mode. By default, the unified mode is used.
Compared with the common mode, the unified mode uses the modular configuration, making the configuration clearer and configuration model easier to understand.
Considering advantages of the unified mode, you are advised to deploy NAC in unified mode.
- Starting from V200R005C00, the default NAC mode changes from common mode to unified mode. Therefore, if the system software of a switch is upgraded from a version earlier than V200R005C00 to V200R005C00 or a later version, the switch automatically runs the undo authentication unified-mode command to configure the NAC mode to common mode.
- After the common mode and unified mode are switched, the device automatically restarts, causing service interruption.
- In V200R008C00, some NAC commands do not differentiate the common and unified modes. Their formats and views remain unchanged after being switched from one mode to the other. After devices are switched from the common mode in V200R008C00 or later versions to the unified mode in V200R009C00 or later versions, these NAC commands can be switched to the unified mode.
- In the unified mode, only the commands of the common mode are unavailable; in the common mode, only the commands of the unified mode are unavailable. In addition, after the configuration mode is switched, the commands supported by both the common mode and unified mode still take effect.
Procedure
- Run display authentication mode
The current NAC mode is displayed.
- If the current NAC mode is unified mode, configure the access profile directly.
- If the current NAC mode is common mode, perform the following steps to switch the NAC mode to unified mode.
- Run system-view
The system view is displayed.
- Run authentication unified-mode
The NAC mode is switched to unified mode.
By default, the unified mode is used.