Configuring Direct Portal Authentication Using Local Portal Web Server - HPE FlexNetwork 7500 Series Security Configuration Manual

[Switch] portal server newpt
[Switch-portal-server-newpt] ip 192.168.0.111 key simple portal
[Switch-portal-server-newpt] port 50100
[Switch-portal-server-newpt] quit
# Configure a portal Web server.
[Switch] portal web-server newpt
[Switch-portal-websvr-newpt] url http://192.168.0.111:8080/portal
[Switch-portal-websvr-newpt] quit
# Enable re-DHCP portal authentication on VLAN-interface 100.
[Switch] interface vlan-interface 100
[Switch-Vlan-interface100] portal enable method redhcp
# Reference the portal Web server newpt on VLAN-interface 100.
[Switch–Vlan-interface100] portal apply web-server newpt
# Configure the BAS-IP as 20.20.20.1 for portal packets sent from VLAN-interface 100 to the
portal authentication server.
[Switch–Vlan-interface100] portal bas-ip 20.20.20.1
[Switch–Vlan-interface100] quit
Verifying the configuration
# Verify the portal configuration by executing the display portal interface command. (Details not
shown.)
# Display information about preauthentication portal users.
[Switch] display portal user pre-authenticate interface vlan-interface 100
MAC
0015-e9a6-7cfe
State: Online
VPN instance: --
Authorization information:
DHCP IP pool: N/A
ACL number: 3010
Inbound CAR: N/A
Outbound CAR: N/A
Configuring direct portal authentication using local portal
Web server
Network requirements
As shown in
assigned a public IP address either manually or through DHCP. The switch acts as both a portal
authentication
authentication/accounting server.
Configure direct portal authentication on the switch. Before a user passes portal authentication, the
user can access only the local portal Web server. After passing portal authentication, the user can
access other network resources.
IP
10.10.10.4
Figure 74, the host is directly connected to the switch (the access device). The host is
server and a
VLAN Interface
100 Vlan-interface100
portal Web server.
218
A RADIUS server acts as the