Table of Contents
Advertisement
Operation Manual - Security
Quidway S3500 Series Ethernet Switches
Before passing the Portal authentication, the user PC is allocated a private
address. After passing the Portal authentication, the user PC need to apply for a
public address before accessing the Internet.
II. Network diagram
User PC
172.21.1.2/16
Gateway address: 172.21.1.1
Figure 2-3 Network diagram for Portal Re-DHCP authentication
III. Configuration procedure
Note:
The following describes the re-DHCP authentication configuration. For the
configurations of the RADIUS scheme, ISP domain and Portal server, refer to
section 2.2.3 "Portal Direct Authentication Configuration Example".
Create address pools on the DHCP Server: 172.21.0.0/16 (public network) and
18.21.0.0/16 (private network). The detail configurations are not described here.
In the operating mode of re-DHCP, the switch should be configured as a DHCP
Relay instead of a DHCP Server, and its VLAN interface for Portal enabling should
be configured with a primary and secondary IP addresses for public and private
networks.
# Configure the Portal operating mode as re-DHCP authentication.
[Quidway] portal method redhcp
# Configure VLAN 3.
[Quidway] vlan 3
[Quidway-vlan3] port ethernet 0/3
[Quidway] interface vlan-interface 3
[Quidway-Vlan-interface3] ip address 172.21.1.1 255.255.0.0
[Quidway-Vlan-interface3] ip address 18.21.1.1 255.255.0.0 sub
Internet
Internet
Ethernet0/10
Ethernet0/1
VLAN 3
Ethernet0/3
vlan -interface 3
-
Ethernet0/2
Switch
172.21.1.1/16
Huawei Technologies Proprietary
vlan-interface 2
-
192.168.1.160/16
Portal server
192.168.1.200/16
VLAN 2
RADIUS authentication/accounting server/DHCP Server
192.168.1.100/16
2-9
Chapter 2 Portal Configuration
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
