HPE FlexNetwork 7500 Series Security Configuration Manual page 522
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Configuration prerequisites
•
Assign IP addresses to the host and the device as shown in
and the device can reach each other.
•
Customize the authentication pages, compress them to a file, and upload the file to the root
directory of the storage medium of the switch. In this example, the file is abc.zip.
Configuration procedure
1.
Create VLANs, assign IP addresses to the VLAN interfaces, and assign interfaces to the
VLANs. (Details not shown.)
2.
Configure a local user:
# Create a local network access user named localuser.
<Device>system-view
[Device] local-user localuser class network
# Set the password to localpass in plaintext form for user localuser.
[Device-luser-network-localuser] password simple localpass
# Authorize the user to use LAN access services.
[Device-luser-network-localuser] service-type lan-access
# Specify the user role for the user as network-admin.
[Device-luser-network-localuser] authorization-attribute user-role network-admin
[Device-luser-network-localuser] quit
3.
Configure an ISP domain:
# Create an ISP domain named local.
[Device] domain local
# Configure the ISP domain to perform local authentication, authorization, and accounting for
LAN-access users.
[Device-isp-local] authentication lan-access local
[Device-isp-local] authorization lan-access local
[Device-isp-local] accounting lan-access local
[Device-isp-local] quit
4.
Configure a local portal Web server:
# Create a local portal Web server, and configure the server use HTTP to exchange
authentication information with clients.
[Device] portal local-web-server http
# Specify file abc.zip as the default authentication page file for the local portal Web server.
(This file must exist in the root directory of the device.)
[Device-portal-local-websvr-http] default-logon-page abc.zip
# Specify the HTTP listening port number as 80 for the portal Web server.
[Device–portal-local-websvr-http] tcp-port 80
[Device-portal-local-websvr-http] quit
5.
Configure Web authentication:
# Create a Web authentication server named user.
[Device] web-auth server user
# Configure the redirection URL for the Web authentication server as http://20.20.0.1/portal/.
[Device-web-auth-server-user] url http://20.20.0.1/portal/
# Specify 20.20.0.1 as the IP address and 80 as the port number for the Web authentication
server.
[Device-web-auth-server-user] ip 20.20.0.1 port 80
[Device-web-auth-server-user] quit
Figure
508
154, and make sure the host
Advertisement
Table of Contents
Troubleshooting
