Login
- Table of Contents
-
- 12-Security Configuration Guide
- 00-Preface
- 01-AAA configuration
- 02-User profile configuration
- 03-Password control configuration
- 04-Keychain configuration
- 05-Public key management
- 06-PKI configuration
- 07-IPsec configuration
- 08-SSH configuration
- 09-SSL configuration
- 10-Session management
- 11-Attack detection and prevention configuration
- 12-IP-based attack prevention configuration
- 13-ARP attack protection configuration
- 14-ND attack defense configuration
- 15-uRPF configuration
- 16-Crypto engine configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-User profile configuration | 52.28 KB |
Configuring user profiles
About user profiles
A user profile defines a set of parameters, such as a QoS policy, for a single user or interface. A user profile can be reused when a user connected to the network on a different interface.
The user profile application allows flexible traffic policing on a per-user basis. Each time a user passes authentication, the server sends the device the name of the user profile specified for the user. The device applies the parameters in the user profile to the user. You can also apply a user profile to an interface to process specific traffic on the interface.
User profiles are typically used in the following scenarios:
· Resource allocation per user—Interface-based traffic policing limits the total amount of bandwidth available to all users that are connected through one interface. However, user-profile-based traffic policing can limit the amount of bandwidth available to a single user.
· User access control—When a user passes authentication but the account is overdue, only the resources defined by the ACL permit rules in the free rules are accessible for this user.
Prerequisites for user profile
A user profile works with authentication methods. You must configure authentication for a user profile. For information about supported authentication methods, see the configuration guides for the related authentication modules.
Configuring a user profile
1. Enter system view.
system-view
2. Create a user profile and enter user profile view.
user-profile profile-name
3. Configure GTS for the user profile.
qos gts [ inbound ] any cir committed-information-rate [ cbs committed-burst-size ]
By default, GTS is not configured for a user profile.
4. Configure queue scheduling traffic queues.
¡ Apply an existing queue scheduling profile to the user profile.
qos apply qmprofile [ four-queue ] profile-name [ inbound ]
By default, no queue scheduling profile is applied to a user profile.
Display and maintenance commands for user profiles
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display configuration and online user information for the specified user profile or all user profiles. |
display user-profile [ name profile-name ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
