Local guest configuration and management example

As shown in Figure 27, create an 802.1X local guest named user1 for Jack. Configure local guest attributes and manage the local guest on the switch as follows:

• Configure attributes for the local guest, including the password, user group, validity period, and sponsor information.

• Enable the local user auto-delete feature.

• Specify an SMTP server and email sender address for the device to send local guest email notifications.

• Configure email addresses for the local guest and guest sponsor.

• Configure the subject and body of the email notifications to be sent to the guest and guest sponsor.

• Send email notifications of the local guest account information to the guest and guest sponsor.

1. Configure 802.1X settings. Make sure the guest can pass 802.1X authentication to access the network. (Details not shown.)

2. Manage local guests:

   # Enable the local user auto-delete feature for expired local guests.

   <Switch> system-view
   [Switch] local-user auto-delete enable
   

   # Specify an SMTP server to send local guest email notifications.

   [Switch] local-guest email smtp-server smtp://192.168.0.112/smtp
   

   # Specify the email sender address as bbb@ccc.com in the email notifications sent by the device for local guests.

   [Switch] local-guest email sender bbb@ccc.com
   

   # Configure the subject and body of the email notifications to be sent to the local guest.

   [Switch] local-guest email format to guest subject Guest account information
   [Switch] local-guest email format to guest body A guest account has been created for you. The username, password, and validity period of the account are given below.
   

   # Configure the subject and body of the email notifications to be sent to the guest sponsor.

   [Switch] local-guest email format to sponsor subject Guest account information
   [Switch] local-guest email format to sponsor body A guest account has been created for you. The username, password, and validity period of the account are given below.
   

3. Configure the local guest:

   # Create a user group named guest1.

   [Switch] user-group guest1
   [Switch-ugroup-guest1] quit
   

   # Create a local guest named user1 and enter local guest view.

   [Switch] local-user user1 class network guest
   

   # Set the guest password to 123456 in plain text.

   [Switch-luser-network(guest)-user1] password simple 123456
   

   # Assign the guest to user group guest1.

   [Switch-luser-network(guest)-user1] group guest1
   

   # Specify the name of the local guest.

   [Switch-luser-network(guest)-user1] full-name Jack
   

   # Specify the company of the local guest.

   [Switch-luser-network(guest)-user1] company cc
   

   # Configure the email address of the local guest.

   [Switch-luser-network(guest)-user1] email Jack@cc.com
   

   # Configure the phone number of the local guest.

   [Switch-luser-network(guest)-user1] phone 131129237
   

   # Configure a description for the local guest.

   [Switch-luser-network(guest)-user1] description A guest from company cc
   

   # Configure the validity period of the local guest.

   [Switch-luser-network(guest)-user1] validity-datetime from 2015/4/1 08:00:00 to 2015/4/3 18:00:00
   

   # Specify the guest sponsor name as Sam.

   [Switch-luser-network(guest)-user1] sponsor-full-name Sam
   

   # Configure the email address of the guest sponsor.

   [Switch-luser-network(guest)-user1] sponsor-email Sam@aa.com
   

   # Configure the department of the guest sponsor as security.

   [Switch-luser-network(guest)-user1] sponsor-department security
   [Switch-luser-network(guest)-user1] quit
   [Switch] quit
   

4. Configure the device to send guest email notifications:

   # Send an email notification to the guest sponsor.

   <Switch> local-guest send-email user-name user1 to sponsor
   

   # Send an email notification to the guest.

   <Switch> local-guest send-email user-name user1 to guest
   

# Display local guest information.

<Switch> display local-user user-name user1 class network guest
Total 1 local users matched.

Network access guest user1:
  State:                     Active
  Service type:              LAN-access/Portal
  User group:                guest1
  Full name:                 Jack
  Company:                   cc
  Email:                     Jack@cc.com
  Phone:                     131129237
  Sponsor full name:         Sam
  Sponsor department:        security
  Sponsor email:             Sam@aa.com
  Description:                A guest from company cc
  Validity period:
    Start date and time:     2015/04/01-08:00:00
    Expiration date and time:2015/04/03-18:00:00

# Verify that Jack can use username user1 and password 123456 to pass local authentication and come online during the validity period. (Details not shown.)