HPE FlexNetwork MSR Series Configuration Manual page 243
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 security configuration manual (547 pages)
Table of Contents
Advertisement
[Router-acl-ipv4-adv-3010] rule 1 permit ip destination 192.168.0.0 24
[Router-acl-ipv4-adv-3010] quit
# Configure preauthentication domain abc on GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] portal pre-auth domain abc
[Router–GigabitEthernet1/0/2] quit
2.
Configure DHCP relay and authorized ARP.
# Configure DHCP relay.
[Router] dhcp enable
[Router] dhcp relay client-information record
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] ip address 20.20.20.1 255.255.255.0
[Router–GigabitEthernet1/0/2] ip address 10.0.0.1 255.255.255.0 sub
[Router-GigabitEthernet1/0/2] dhcp select relay
[Router-GigabitEthernet1/0/2] dhcp relay server-address 192.168.0.112
# Enable authorized ARP.
[Router-GigabitEthernet1/0/2] arp authorized enable
[Router-GigabitEthernet1/0/2] quit
3.
Configure portal authentication:
# Configure a portal authentication server.
[Router] portal server newpt
[Router-portal-server-newpt] ip 192.168.0.111 key simple portal
[Router-portal-server-newpt] port 50100
[Router-portal-server-newpt] quit
# Configure a portal Web server.
[Router] portal web-server newpt
[Router-portal-websvr-newpt] url http://192.168.0.111:8080/portal
[Router-portal-websvr-newpt] quit
# Enable re-DHCP portal authentication on GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] portal enable method redhcp
# Reference the portal Web server newpt on GigabitEthernet 1/0/2.
[Router–GigabitEthernet1/0/2] portal apply web-server newpt
# Configure the BAS-IP as 20.20.20.1 for portal packets sent from GigabitEthernet 1/0/2 to the
portal authentication server.
[Router–GigabitEthernet1/0/2] portal bas-ip 20.20.20.1
[Router–GigabitEthernet1/0/2] quit
Verifying the configuration
# Verify the portal configuration by executing the display portal interface command. (Details not
shown.)
# Display information about preauthentication portal users.
[Router] display portal user pre-auth interface gigabitethernet 1/0/2
MAC
0015-e9a6-7cfe
State: Online
VPN instance: --
DHCP IP pool: N/A
IP
10.10.10.4
227
VLAN
Interface
--
GigabitEthernet1/0/2
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?