# After the user passes authentication, use the following command to display information about the
portal user.
[SwitchA] display portal user interface vlan-interface 4
Total portal users: 1
Username: abc
Portal server: newpt
State: Online
VPN instance: N/A
MAC
0000-0000-0000
Authorization information:
DHCP IP pool: N/A
ACL: N/A
CAR: N/A
Configuring extended direct portal authentication
Network requirements
As shown in
assigned a public IP address either manually or through DHCP. A portal server acts as both a portal
authentication
authentication/accounting server.
Configure extended direct portal authentication. If the host fails security check after passing identity
authentication, it can access only subnet 192.168.0.0/24. After passing security check, the host can
access other network resources.
Figure 64 Network diagram
Host
2.2.2.2/24
Gateway: 2.2.2.1/24
Configuration prerequisites
•
Configure IP addresses for the host, switch, and servers as shown in
they can reach each other.
•
Configure the RADIUS server correctly to provide authentication and accounting functions.
Configuration procedure
Perform the following tasks on the switch.
1.
Configure a RADIUS scheme:
# Create a RADIUS scheme named rs1 and enter its view.
IP
8.8.8.2
Figure
64, the host is directly connected to the switch (the access device). The host is
server
and
a
Vlan-int100
Vlan-int2
2.2.2.1/24
192.168.0.100/24
Switch
VLAN
Interface
4
Vlan-interface4
portal
Web
server.
Portal server
192.168.0.111/24
RADIUS server
192.168.0.112/24
Security policy server
192.168.0.113/24
212
A
RADIUS
server
Figure 64
acts
as
the
and make sure