You are here: Home > CLI Commands > Just_CLI_Topics > aaa ipv6 user add

aaa ipv6 user add

aaa ipv6 user add <ipv6addr>

authentication-method {dot1x|stateful-dot1x}

mac <macaddr>

name <username>
profile <aaa-profile>

role <role>

Description

This command manually assigns a user role or other values to a specified IPv6 client.

Syntax

Parameter

Description

<ipv6addr>

IPv6 address of the user to be added.

authentication-method

Authentication method for the client.

dot1x

802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.

stateful-dot1x

Stateful 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.

mac <macaddr>

MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address of the client.

name <username>

Name of the client.

profile <aaa-profile>

AAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile for the client.

role <role>

User role for the client.

Usage Guidelines

This command should only be used for troubleshooting issues with a specific IPv6 client. This command allows you to manually assign a client to a role. For example, you can create a role “debugging” that includes a policy to mirror session packets to a specified destination for further examination, then use this command to assign the “debugging” role to a specific client. Use the aaa ipv6 user delete command to remove the client or device from the role.

 

Issuing this command does not affect ongoing sessions that the client may already have. For example, if a client is in the “employee” role when you assign them to the “debugging” role, the client continues any sessions allowed with the “employee” role. Use the aaa ipv6 user clear-sessions command to clear ongoing sessions.

Example

The following commands create a role that logs HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. traffic, then assign the role to a specific IPv6 client:

(host) [\md] (config) #ip access-list session ipv6-log-https

(host) [\md] (config-submode) #any any svc-https permit log

(host) [\md] (config) #user-role ipv6-web-debug

(host) [\md] (config-submode) #session-acl ipv6-log-https

 

(host) [\md] (config) #aaa ipv6 user add 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 role ipv6-web-debug

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Enable mode on Mobility Master.

/*]]>*/