n
Portal+ Direct
Authentication
Configuration Examples
Configuration procedure
IP addresses are configured for devices as required and routes are available
■
between devices before the portal feature is enabled.
The following only describes the major configurations of the portal
■
authentication supported by a Layer 3 device. For the configurations about the
RADIUS scheme and ISP domain, refer to
Configuration Examples" on page
Configure Router A:
# Configure the portal server as follows:
Name: newpt
■
IP address: 192.168.0.111
■
Key: portal
■
Port number: 50100
■
URL: http://192.168.0.111/portal.
■
<Router> system-view
[Router] portal server newpt ip 192.168.0.111 key portal port 50100
url http://192.168.0.111/portal
# Enable portal authentication on the interface attached to Router B.
[Router] interface ethernet 1/0
[Router-Ethernet1/0] ip address 20.20.20.1 255.255.255.0
[Router-Ethernet1/0] portal server newpt method layer3 service-type normal
[Router-Ethernet1/0] quit
# Configure the IP address of the interface which communicates with the portal
server.
[Router] interface ethernet 1/1
[Router-Ethernet1/1] ip address 192.168.0.100 255.255.255.0
[Router-Ethernet1/1] quit
Router B is configured with a default route to the subnet 192.168.0.0/24 and the
next hop is 20.20.20.1. The specific configurations are omitted.
Network requirements
The router is configured with portal+ direct authentication. Users obtain IP
■
addresses through the DHCP server. When users have passed identity
authentication but have not passed security authentication, they can only
access subnet 192.168.0.0/24. After they pass the security authentication,
users can access external networks.
A RADIUS server serves as the authentication/accounting server.
■
The security policy server is required for portal+ authentication.
■
Portal Configuration Examples (on Routers)
"Portal Direct Authentication
1861.
1865