Configuring Cross-Subnet Portal Authentication - HPE FlexNetwork 7500 Series Security Configuration Manual

# After the user passes authentication, use the following command to display information about the
portal user.
[Switch] display portal user interface vlan-interface 100
Total portal users: 1
Username: abc
Portal server: newpt
State: Online
VPN instance: N/A
MAC
0015-e9a6-7cfe
Authorization information:
DHCP IP pool: N/A
ACL: N/A
CAR: N/A

Configuring cross-subnet portal authentication

Network requirements
As shown in
Switch B. A portal server acts as both a portal authentication server and a portal Web server. A
RADIUS server acts as the authentication/accounting server.
Configure Switch A for cross-subnet portal authentication. Before passing the authentication, the
host can access only the portal Web server. After passing the authentication, the user can access
other network resources.
Figure 61 Network diagram
20.20.20.1/24
Vlan-int2
8.8.8.1/24
Host
8.8.8.2/24
Configuration prerequisites and guidelines
•
Configure IP addresses for the switch and servers as shown in
host, switch, and servers can reach each other.
•
Configure the RADIUS server correctly to provide authentication and accounting functions.
•
Make sure the IP address of the portal device added on the portal authentication server is the IP
address (20.20.20.1) of the switch's interface connecting the host. The IP address group
associated with the portal device is the subnet of the host (8.8.8.0/24).
Configuration procedure
Perform the following tasks on Switch A.
1. Configure a RADIUS scheme:
# Create a RADIUS scheme named rs1 and enter its view.
IP
20.20.20.2
Figure 61, Switch A supports portal authentication. The host accesses Switch A through
Switch A
Vlan-int2
192.168.0.100/24
Vlan-int4
Vlan-int4
20.20.20.2/24
Switch B
VLAN Interface
100 Vlan-interface100
Portal server
192.168.0.111/24
RADIUS server
192.168.0.112/24
193
Figure 61 and make sure the