Authentication Scheme

Procedure

Create an authentication scheme.

Choose Configuration > Wireless Services > Profile > Wireless Service > Authentication Scheme. The Authentication Scheme List page is displayed.
Click Create. The Create Authentication Scheme page is displayed.
Enter the name of the new profile in Profile name.
Click OK. The parameter setting page for creating an authentication scheme is displayed.

Set parameters for creating an authentication scheme. Table 1 describes the parameters for creating an authentication scheme.

**Table 1** Authentication scheme parameters
Parameter	Description
Authentication Scheme	Name of the new authentication scheme, which cannot be modified.
First authorization	The value can be HWTACACS authentication, RADIUS authentication, Local authentication, or Non-authorization.
Second authorization	The value can be a mode except the first authorization mode. When the authorization server of the first authorization mode does not respond, the second authorization mode is triggered. When the first authorization mode is no authorization, the second authorization mode cannot be configured.
Third authorization	The value can be a mode except the first and second authorization modes. When the authorization servers of the first and second authorization modes do not respond, the third authorization mode is triggered. When the second authorization mode is no authorization or not configured, the third authorization mode cannot be configured.
Fourth authorization	The value can be no authorization or not configured. When the authorization servers of the first, second, and third authorization modes do not respond, the fourth authorization mode is triggered. When the third authorization mode is no authorization or not configured, the fourth authorization mode cannot be configured.
After authentication is switched to local	Specifies whether to configure the device to send accounting packets after an accounting server is configured but local authentication is triggered because the authentication server does not respond. Typically, a server functions as both the remote accounting server and the authentication server. If the authentication server does not respond, the accounting server also does not respond. When accounting and authentication + local authentication are configured on a device, a user is authenticated using the local authentication mode after the server does not respond to the user's authentication request. Because the accounting server also does not respond, after the user is authenticated using the local authentication mode, the device still sends accounting packets. As a result, the user goes offline because of accounting-start failures. To prevent this issue, the device does not send accounting packets by default when a user is authenticated using the local authentication mode after the server does not respond to the user's authentication request. This configuration item is supported only when local authentication mode is available.

If non-authentication is configured, a user passes the authentication using any user name or password. Therefore, to protect the device or network security, you are advised to enable authentication, allowing only the authenticated users to access the device or network.

Click Apply.

Modify an authentication scheme.
1. Choose Configuration > Wireless Services > Profile > Wireless Service > Authentication Scheme. The Authentication Scheme List page is displayed.
2. Click the authentication scheme to modify. The authentication scheme configuration page is displayed.
3. Set parameters for modifying an authentication scheme. Table 1 describes the parameters for modifying an authentication scheme.
4. Click Apply.
Delete an authentication scheme.
1. Choose Configuration > Wireless Services > Profile > Wireless Service > Authentication Scheme. The Authentication Scheme List page is displayed.
2. Select the profile that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
Display the profile reference relationship.
1. Choose Configuration > Wireless Services > Profile > Wireless Service > Authentication Scheme. The Authentication Scheme List page is displayed.
2. Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.
  
  Click Hide Reference Relationship. The system hides the displayed results.