Abstract: Disclosed are a communication managing method and a communication system, when an authentication of the user terminal is passed or the user information of the user terminal is changed, an AAA server sends the user information including authorization information of the user terminal to a service control server corresponding to the user terminal, the service control server performs the policy control on the service of the user terminal according to the user information, the realization process is simple and easy to be extended, which improves the processing efficiency and reduces the press of the service control server; meanwhile, in the above-mentioned scheme, the AAA server can send the user formation to the service control server independently, and it is not required that the authentication server must exist, thereby it can provide a wider application, provide a more flexible service development way for the operator, and further improve the processing efficiency.

Abstract: Disclosed is a portal device management method, and the method includes: an instance connection between a portal client and a pre-configured portal server is established through capability negotiation; and each of the portal client and the pre-configured portal server having the instance connection established therebetween announces its information to its opposite end.

Abstract: The present invention relates to the field of communications. Disclosed are an 802.1X access session keepalive method, device, and system. The method comprises: during network access of a 802.1X client, an authenticating node used for access authentication sending, to the 802.1X client according to an actual keepalive period of the authenticating node, a keepalive request message used for determining whether the 802.1X client is off-net abnormally; and during a preset duration of the authenticating node, if the authenticating node does not receive a keepalive response message from the 802.1X client in response to the keepalive request message, the authenticating node determining that the 802.1X client is off-net abnormally; otherwise, determining that the 802.1X client is on-net normally. The embodiments of the present invention improve network resource utilization, reduce the security problem caused by too heavy load of the authenticating node, and lower the risk of errors in charging on time.

Abstract: Provided are a method and device for authenticating a static user terminal. The method comprises: an identity request message used for acquiring a user identity of the static user terminal is sent to the static user terminal; a response message is received from the static user terminal, wherein the response message carries the user identity of the static user terminal; and, an Extensible Authentication Protocol (EAP) authentication is performed on the static user terminal according to the user identity of the static user terminal. The present disclosure solves the problem in the related art of low security in the authentication on the static user terminal access the network, thus achieving the effects of increasing the security and reliability in the authentication on the static user terminal accessing the network and improving the WLAN service using experience of the static user.

Abstract: A method and apparatus for keeping alive an L2TP tunnel state are provided, where the method includes: an active device and an opposite-end device establish an L2TP tunnel, the active device transmits to a standby device an interactive L2TP control message between the active device and the opposite-end device, and the active device performs corresponding processing on the L2TP control message only after having received a response about having stored the L2TP control message sent by the standby device; and when active-standby switching occurs between the active device and the standby device, the standby device connects to the opposite-end device via the L2TP tunnel, and performs corresponding processing according to the L2TP control message which has already been stored.

Abstract: A method for controlling an access point in a wireless local area network (WLAN) and a communication system, the method includes: authenticating an access point; after the authentication succeeds, delivering an access controller list to the access point; the access point selecting an access controller from the access controller list according to a preset rule, and communicating with the selected access controller. Only in the case that the access point is successfully authenticated is the access controller list sent to the successfully-authenticated access point, thus solving the problem that the information of the access controller is leaked out because of delivering the access controller list to an illegitimately-set access point, and ensuring the security of network device information.

Abstract: A method and system for a wireless local area network user accessing a fixed broadband network, the method includes: a broadband network gateway (BNG) device initiating an identity authenticating process to an authentication authorization accounting (AAA) server for a wireless local area network (WLAN) user; after the AAA server successfully authenticates the WLAN user, the BNG device acquiring a mobility identifier of the WLAN user from the AAA server; after receiving the mobility identifier of the WLAN user, the BNG device allowing the mobility access of the WLAN user.

Abstract: A method for a Wireless Local Area Network (WLAN) user to access a fixed network is disclosed, which includes: after the WLAN user is authenticated successfully, a Broadband Network Gateway (BNG) sends obtained user subscription information to a WLAN device; and after the WLAN device performs related configuration according to the user subscription information, a WLAN user terminal accesses a network. A system for a WLAN user to access a fixed network is also disclosed. The present disclosure can solve the problem that a WLAN network cannot perceive the user subscription information and further cannot provide differentiated services based on different users and different subscription information because a WLAN user passes through BNG authentication.