
DHCP (Dynamic Host Configuration Protocol) Option 82 based user accessing authority control method

An access authority control method, applicable to electrical components, transmission systems and similar fields, that addresses problems such as the inability to control user access authority and provides a safe and convenient access method with controllable access authority.

Inactive Publication Date: 2011-11-23
北京神州数码云科信息技术有限公司

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problem in the prior art that user access rights cannot be controlled after 802.1x authentication when users access the network, the present invention provides an access control method based on DHCP Option 82 that uses two IP acquisitions to adjust user rights. The specific scheme is as follows: a user access authority control method based on DHCP Option 82, comprising a client and a DHCP server, in which the client is connected to the DHCP server through an access switch and an aggregation switch, and the aggregation switch is also connected to a Radius server, characterized in that it comprises the following steps:



Embodiment Construction

[0022] The present invention will be further described below in conjunction with specific illustrations.

[0023] Figure 1 is a block diagram of the system network connection structure involved in the present invention, in which the user terminal is connected to the network through the access switch, the aggregation switch collects the information from the access switch and forwards it to the DHCP server, and the Radius server verifies the DHCP request sent by the user terminal through the aggregation switch. In this structure:

[0024] 1. Aggregation switch:

[0025] 1. Support DHCP relay agent;

[0026] 2. Configure ACLs:

[0027] ACL1: permit ip1/mask1 dst1/mask1;

[0028] ACL2: permit ip2/mask2 dst2/mask2.

[0029] 2. Access switch:

[0030] 1. Enable 802.1x globally;

[0031] 2. Enable dot1x on the port and use the access control method based on DHCP Option82;

[0032] 3. Start DHCP Snooping;

[0033] 4. Start the DHCP Snooping binding function;

[0034] 5. Enabl...


Abstract

The invention discloses a DHCP (Dynamic Host Configuration Protocol) Option 82 based user access authority control method and belongs to the field of computer data communication. The method comprises the following steps: a DHCP Snooping module adds Option 82 information when it monitors a DHCP request from a user terminal; after the user terminal successfully acquires an address and passes authentication, a Radius server sends the user's Option 82 authentication information; after the user terminal successfully passes authentication, 802.1x reapplies for an address; the DHCP Snooping module adds the authenticated Option 82 information to the DHCP request; and a DHCP server allocates another address to the user according to the Option 82 information. A hardware ACL (Access Control List) entry is configured on the aggregation switch, limiting the resources that users with different source IP addresses can access and thereby controlling the access authority of the user terminal before and after authentication.
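The flow in the abstract, sketched as an added example (not code from the patent): the switch encodes Option 82 in the RFC 3046 TLV layout, the server picks a pool from it, and the ACL decides reachability by source subnet. Assumptions: the pre-/post-authentication label travels in the remote-ID sub-option, and the labels, pools and ACL subnets are constructed stand-ins for ip1/mask1, dst1/mask1 and so on.

```python
import ipaddress

RELAY_AGENT_INFO, CIRCUIT_ID, REMOTE_ID = 82, 1, 2  # RFC 3046 option / sub-option codes

# Constructed values: the page gives only placeholders (ip1/mask1, dst1/mask1, ...).
# Assumption: the remote-ID sub-option carries the pre-/post-authentication label.
POOLS = {b"guest": "10.1.0.0/24", b"staff": "10.2.0.0/24"}
ACLS = [("10.1.0.0/24", "192.168.100.0/24"),   # ACL1: pre-auth sources, constructed dst
        ("10.2.0.0/24", "172.16.0.0/16")]      # ACL2: post-auth sources, constructed dst

def tlv(code: int, value: bytes) -> bytes:
    if len(value) > 255:
        raise ValueError("value too long for a one-byte length")
    return bytes([code, len(value)]) + value

def build_option82(circuit_id: bytes, remote_id: bytes) -> bytes:
    """Option 82 as a DHCP Snooping switch would append it to a client request."""
    return tlv(RELAY_AGENT_INFO, tlv(CIRCUIT_ID, circuit_id) + tlv(REMOTE_ID, remote_id))

def walk_tlvs(data: bytes, dhcp_level: bool):
    """Yield (code, value) pairs; reject truncated fields instead of guessing."""
    i = 0
    while i < len(data):
        code = data[i]
        if dhcp_level and code == 0:      # pad option, no length byte
            i += 1
            continue
        if dhcp_level and code == 255:    # end option
            return
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        yield code, data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]

def select_pool(options: bytes):
    """Server side: choose the address pool from Option 82; None means no lease."""
    for code, value in walk_tlvs(options, dhcp_level=True):
        if code == RELAY_AGENT_INFO:
            subs = dict(walk_tlvs(value, dhcp_level=False))
            return POOLS.get(subs.get(REMOTE_ID))
    return None

def acl_permits(src: str, dst: str) -> bool:
    """Aggregation-switch ACL: permit only listed source/destination subnet pairs."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in ipaddress.ip_network(a) and d in ipaddress.ip_network(b) for a, b in ACLS)
```

A request with no Option 82, or with an unknown label, gets no pool, so the sketch fails closed; the control only holds if the switch overwrites any Option 82 supplied by the client itself.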

Description

Technical field

[0001] The invention relates to the field of computer data communication, in particular to a DHCP Option 82-based user access authority control method.

Background technique

[0002] DHCP (Dynamic Host Configuration Protocol), as a protocol for dynamically assigning IP addresses, is widely used in various IP networks. To address problems such as malicious assignment of IP addresses resulting in a shortage of IP resources, the prior art stipulates the relay agent information option, namely Option 82: when the DHCP address request message sent by the user terminal passes through the access switch, the access switch adds the VLAN (Virtual Local Area Network) ID, switch port number and other information to the DHCP option and sends it to the DHCP server, so that the DHCP server can associate the request with user information through the VLAN ID, switch port number and other information. Generally, the administrator c...


Application Information

IPC IPC(8): H04L29/06
Inventor 梁小冰
Owner 北京神州数码云科信息技术有限公司