User Access Manager Help >> Operation Guide >> User Access Policy >> Service Parameter >> System SettingsRoaming Configuration >> Add/Modify Roaming Configuration

Add/Modify Roaming Configuration

This function allows you to add and modify roaming configuration in INC.

Operation Procedure

1. Select the User tab, and then select User Access Policy > Service Parameters >System Settings from the navigation tree to enter the system configuration page. Then, click the roaming configuration link to enter the roaming configuration page.
2. Click Add or click the link of the roaming configuration you want to modify.
3. Select the identifier, and specify the domain name, active server IP, standby server IP, port, key, and type.
4. Click OK to finish the operation.

Precautions

• When the identifier is domain, the identifier-domain name-type combination of a roaming policy with must be unique.
• If you delete the IP address of the standby server that is in use for authentication or accounting, the system will switch the services to the active server. A server switchover might cause roaming failures. Make sure you are fully aware of the impact of this operation.

Parameters

• Identifier: Roaming identifier defined.
• Domain Name: Name of the domain, which is configured on the access device. It can consist of letters, digits, underscore (_), hyphen (-), and dot(.).
• Active Server IP: IPv4 or IPv6 address of the active server in the roaming destination, that is, the active server IP address of EIA to which the roaming account belongs.
• Standby Server IP: IPv4 or IPv6 address of the standby server in the roaming destination, that is, the standby server IP address of EIA to which the roaming account belongs. The IP version must be the same as that of the active server.
• Server in Use: Displays the server in use. The RADIUS server refreshes periodically to display the server in use.
• Port: Roaming destination port, that is, port of the destination EIA to which authentication or accounting packets are to be forwarded. It must be identical to that configured in the access device part. The default authentication and accounting ports are 1812 and 1813 respectively.
• Key: Pre-shared key for RADIUS packet forwarding. It must be identical to that configured in the access device part.
• Type: Accounting or authentication. If you select Authentication, the destination EIA is used for authentication; if you select Accounting, the destination EIA is used for accounting.

Configuration Example

• A school has two campuses: A and B, each of which is installed with a EIA server (EIA A or EIA B) for user management.
• On EIA A, configure EIA B as a NAS in the access device part. On EIA B, add roaming configurations to forward all authentication and accounting packets with domain names ended with dom_a to EIA B.
• On the access device of campus B, configure command domain dom_a, configure command username with-domain for the RADIUS scheme, and specify to use EIA B for authentication.
• When user named user uses the login name user@dom_a for authentication on campus B, EIA B acts as an agent, that is, it forwards the request to EIA A and forwards the response from EIA A to the access device. In this case, both EIA A and EIA B can see the online user.