Usage Scenario
The command can be used to encrypt the client information or send the vendor-class ( dhcpv4 option60/dhcpv6 option16) defined by the device manufacturer to the Radius server.
The cn keyword has the same function as the offset 2 sub-option 31 sub-offset 44 sub-length 4 configuration. If the cn keyword is configured, the RADIUS server uses login information obtained from vendor-class sub-option 31 to parse the user domain (offset, sub-offset, and sub-length determines which part of vendor-class sub-option 31 is used for user domain identification).
With the offset, length, sub-option, sub-offset, and sub-length parameters, a RADIUS server can flexibly obtain information used for user domain parsing.
When the
NetEngine 8000 F fails to parse the vendor-class attribute of a DHCP packet, if the domain name in the vendor-class attribute is encrypted, the
NetEngine 8000 F sends unparsed contents of the vendor-class attribute in the format of username@vendor-class to the RADIUS server. After parsing the domain name, the RADIUS server sends the No.138 attribute carrying the domain name to the . Then, the
NetEngine 8000 F authorizes the user to go online by using the delivered domain name.
If encryption is not configured for the domain name in the vendor-class attribute, the
NetEngine 8000 F does not send the vendor-class attribute to the RADIUS server, and the
NetEngine 8000 F performs authorization based on the authentication domain.
The
dhcp option-60 command has the same function as the vendor-class command. The later configured command overrides the previous one. When running the undo form of the command, you must ensure that the keywords of the two commands are the same. For example, if the
dhcp option-60 command is configured, you can run only the undo
dhcp option-60 command to delete this command; if the vendor-class command is configured, you can run only the undo vendor-class command to delete this command.
The display
dhcp option-60 command displays both dhcp option-60 and vendor-class configurations.
The display vendor-class command displays both dhcp option-60 and vendor-class configurations.
Precautions
In VS mode, this command is supported only by the admin VS.