Configuring a user profile
Overview
A user profile provides a configuration template to save predefined configurations, such as a Committed Access Rate (CAR) policy or a Quality of Service (QoS) policy.
The user profile implements service applications on a per-user basis. Every time a user accesses the device, the device automatically applies only the configurations in the user profile associated with that user.
User-based traffic policing is more flexible than interface-based traffic policing. In interface-based traffic policing, if a user moves between ports to access a device, you must remove the policy from the previous port and then configure the same policy on the port being used to restrict user behaviors. This configuration task is tedious and error-prone.
The user profile supports working with PPPoE, 802.1X authentication, MAC authentication, and portal authentication, and restricts authenticated users' behaviors as follows:
1. After the authentication server verifies a user, the server sends the device the name of the user profile associated with the user.
   ○ If the profile is enabled, the device applies the configurations in the user profile, and allows user access based on all valid configurations.
   ○ If the user profile is disabled, the device denies the user access.
2. After the user logs out, the device automatically disables the configurations in the user profile, and the restrictions on the user access are removed.
User profile configuration task list
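Task | Remarks |
---|---|
Creating a user profile | Required. |
Performing configurations in user profile view | Required. |
Enabling a user profile | Required. |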
Creating a user profile
Before you create a user profile, complete the following tasks:
· Configure authentication parameters on the device.
· Perform configurations on the client, the device, and the authentication server. For example, configure the username, password, authentication scheme, and domain, and bind the user profile to a user.
To create a user profile:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Create a user profile, and enter its view. | user-profile profile-name | You can use the command to enter the view of an existing user profile. |
Performing configurations in user profile view
After a user profile is created, perform configurations in user profile view. The configuration made in user profile view takes effect when the user profile is enabled and a user using the user profile goes online.
Supported configurations include QoS policies, WLAN configurations, and firewall configurations. The QoS policies applied in user profile view support only the remark, car, and filter actions.
For more information about QoS policies, see ACL and QoS Configuration Guide.
For more information about WLAN configuration, see WLAN Configuration Guide.
For more information about firewall configuration, see "Configuring firewall."
Enabling a user profile
Enable a user profile so that configurations in the profile can be applied by the device to restrict user behaviors. If the device detects that the user profile is disabled, the device denies the associated user, even if the user has been verified by the authentication server.
You can edit or remove configurations only in a disabled user profile.
Disabling a user profile logs out the users that are using the user profile.
To enable a user profile:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable a user profile. | user-profile profile-name enable | A user profile is disabled by default. |
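The following audit check is an added example, not part of the original guide or any vendor tooling. It flags profiles that the authentication server assigns but that are disabled on the device, because users bound to such a profile are denied even after they pass authentication. The sample configuration text, its layout, and the list of server-assigned names are constructed assumptions.

```python
import re

# Constructed sample configuration. The layout (a "user-profile NAME" line per
# profile, plus "user-profile NAME enable" once enabled) is an assumption.
SAMPLE_CONFIG = """\
user-profile staff
#
user-profile guest
#
user-profile contractor
#
user-profile staff enable
user-profile contractor enable
"""
# Hypothetical profile names the authentication server sends for its users.
SERVER_ASSIGNED = ["staff", "guest", "voip"]
_LINE = re.compile(r"^\s*user-profile\s+(\S+)(\s+enable)?\s*$")


def parse_profiles(config_text):
    """Return {profile_name: is_enabled} for every profile in the config."""
    profiles = {}
    for line in config_text.splitlines():
        m = _LINE.match(line)
        if m:
            # A created profile stays disabled until an enable line is seen.
            profiles[m.group(1)] = profiles.get(m.group(1), False) or bool(m.group(2))
    return profiles


def audit(config_text, assigned_names):
    """Classify each server-assigned name; also list enabled, unassigned profiles."""
    profiles = parse_profiles(config_text)
    report = {}
    for name in assigned_names:
        if name not in profiles:
            report[name] = "not-defined"  # outcome not described on this page
        elif profiles[name]:
            report[name] = "enabled"      # configurations applied at login
        else:
            report[name] = "disabled"     # user denied despite passing authentication
    unassigned = sorted(n for n, on in profiles.items() if on and n not in assigned_names)
    return report, unassigned


if __name__ == "__main__":
    report, unassigned = audit(SAMPLE_CONFIG, SERVER_ASSIGNED)
    print(report)
    print("enabled but never assigned:", unassigned)
```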
Displaying and maintaining user profile
Task | Command | Remarks |
---|---|---|
Display information about all the created user profiles. | display user-profile [ \| { begin \| exclude \| include } regular-expression ] | Available in any view. |