Table of Contents
Advertisement
Operation Manual - Security
Quidway S3500 Series Ethernet Switches
Before passing the Portal authentication, the user PC is allocated a private
address. After passing the Portal authentication, the user PC need to apply for a
public address before accessing the Internet.
II. Network diagram
User PC
172.21.1.2/16
Gateway address: 172.21.1.1
Figure 2-3 Network diagram for Portal Re-DHCP authentication
III. Configuration procedure
Note:
The following describes the re-DHCP authentication configuration. For the
configurations of the RADIUS scheme, ISP domain and Portal server, refer to
section
Create address pools on the DHCP Server: 172.21.0.0/16 (public network) and
18.21.0.0/16 (private network). The detail configurations are not described here.
In the operating mode of re-DHCP, the switch should be configured as a DHCP
Relay instead of a DHCP Server, and its VLAN interface for Portal enabling should
be configured with a primary and secondary IP addresses for public and private
networks.
# Configure the Portal operating mode as re-DHCP authentication.
[Quidway] portal method redhcp
# Configure VLAN 3.
[Quidway] vlan 3
[Quidway-vlan3] port ethernet 0/3
[Quidway] interface vlan-interface 3
[Quidway-Vlan-interface3] ip address 172.21.1.1 255.255.0.0
[Quidway-Vlan-interface3] ip address 18.21.1.1 255.255.0.0 sub
Internet
Internet
Ethernet0/10
VLAN 3
Ethernet0/3
vlan -interface 3
-
Switch
172.21.1.1/16
2.2.3 "Portal Direct Authentication Configuration
Huawei Technologies Proprietary
vlan-interface 2
-
192.168.1.160/16
Ethernet0/1
Portal server
192.168.1.200/16
VLAN 2
Ethernet0/2
RADIUS authentication/accounting server/DHCP Server
192.168.1.100/16
2-9
Chapter 2 Portal Configuration
Example".
Hide quick links:
Advertisement
Table of Contents
