<p>Disclosed are a method and system for network access control. After a visitor makes an access request, an access controller in a target network processes the access request and initiates an authentication request for the identity of the visitor to an authentication server via the visitor; the access controller in the target network completes the authentication for the identity of the visitor according to the publishable authentication results of the authentication server forwarded by the visitor, and performs authorization management for the visitor with successful authentication according to authorization strategies. Thus the problem in the prior art that access control cannot be implemented caused when an access controller cannot directly use the authentication services provided by an authentication server is solved, and the requirements of practical application are satisfied.</p>