Port number: 50100
URL: http://192.168.0.1 1 1:8080/portal.
[Switch] portal server newpt ip 192.168.0.111 key simple portal port 50100 url
http://192.168.0.111:8080/portal
# Configure the switch as a DHCP relay agent, and enable the IP address check function.
[Switch] dhcp enable
[Switch] dhcp relay server-group 0 ip 192.168.0.112
[Switch] interface vlan-interface 100
[Switch–Vlan-interface100] ip address 20.20.20.1 255.255.255.0
[Switch–Vlan-interface100] ip address 10.0.0.1 255.255.255.0 sub
[Switch-Vlan-interface100] dhcp select relay
[Switch-Vlan-interface100] dhcp relay server-select 0
[Switch-Vlan-interface100] dhcp relay address-check enable
# Enable re-DHCP portal authentication on the interface connecting the host.
[Switch–Vlan-interface100] portal server newpt method redhcp
[Switch–Vlan-interface100] quit
Configuring cross-subnet portal authentication
Network requirements
As shown in
Switch A is configured for cross-subnet portal authentication. Before passing portal authentication,
•
the host can access only the portal server. After passing portal authentication, it can access Internet
resources.
The host accesses Switch A through Switch B.
•
A RADIUS server serves as the authentication/accounting server.
•
Figure 62 Network diagram
20.20.20.1/24
Vlan-int2
8.8.8.1/24
Host
8.8.8.2/24
Configuration procedure
When configuring cross-subnet portal authentication, follow these guidelines:
Configure IP addresses for the switch and servers as shown in
•
switch, and servers can reach each other.
Configure the RADIUS server properly to provide authentication and accounting functions for users.
•
Figure
62:
Switch A
Vlan-int2
192.168.0.100/24
Vlan-int4
Vlan-int4
20.20.20.2/24
Switch B
Portal server
192.168.0.111/24
RADIUS server
192.168.0.112/24
149
Figure 62
and make sure the host,