--
Layer3 source network:
IP address
Destination authenticate subnet:
IP address
Before passing portal authentication, a user that uses the HPE iNode client can access only the
authentication page http://192.168.0.111:8080/portal. All Web requests from the user will be
redirected to the authentication page.
•
The user can access the resources permitted by ACL 3000 after passing only identity
authentication.
•
The user can access Internet resources permitted by ACL 3001 after passing both identity
authentication and security check.
# After the user passes identity authentication and security check, use the following command to
display information about the portal user.
[Router] display portal user interface gigabitethernet 2/0/2
Total portal users: 1
Username: abc
Portal server: newpt
State: Online
VPN instance: N/A
MAC
0015-e9a6-7cfe
Authorization information:
DHCP IP pool: N/A
Session group profile: N/A
ACL: 3001
CAR: N/A
Configuring extended re-DHCP portal authentication
Network requirements
As shown in
obtains an IP address through the DHCP server. A portal server acts as both a portal authentication
server and a portal Web server. A RADIUS server acts as the authentication/accounting server.
Configure extended re-DHCP portal authentication. Before passing portal authentication, the host is
assigned a private IP address. After passing portal identity authentication, the host obtains a public
IP address and accepts security check. If the host fails the security check, it can access only subnet
192.168.0.0/24. After passing the security check, the host can access Internet resources.
--
IP
2.2.2.2
Figure
65, the host is directly connected to the router (the access device). The host
VLAN
Interface
--
GigabitEthernet2/0/2
176
--
Prefix length
Prefix length