After an NAC authentication profile is bound to an interface of the device, APs and terminals (such as printers and PCs) that attempt to go online on this interface must be authenticated first before they successfully go online.
In most cases, only users on the network need to be authenticated, and authenticating APs is optional. When terminals and APs go online on the same interface of the device, and NAC authentication is required only for terminals since AP access security is guaranteed, you can configure NAC authentication for the terminals, and then disable the interface from performing authentication on APs identified through LLDP.
LLDP has been enabled on APs, allowing them to exchange device information with an LLDP-enabled device through LLDP.
LLDP has been enabled on the device to identify APs. For details, see "Enabling LLDP" under "LLDP Configuration" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - Network Management and Monitoring.
The system view is displayed.
The authentication profile view is displayed.
The device is disabled from performing authentication on APs identified through LLDP.
By default, the device needs to authenticate APs identified through LLDP.