HP FlexNetwork 10500 Series Security Configuration Manual page 121
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Configuration manual (512 pages) ,
- Specifications (42 pages) ,
- Datasheet (20 pages)
Table of Contents
Advertisement
•
The intranet 192.168.1.0/24 is attached to GigabitEthernet 1/0/1 of the access device.
•
The hosts use DHCP to obtain IP addresses.
•
A DHCP server and a Web server are deployed on the 192.168.2.0/24 subnet for users to
obtain IP addresses and download client software.
Deploy an EAD solution for the intranet to meet the following requirements:
•
Allow unauthenticated users and users who have failed 802.1X authentication to access
192.168.2.0/24. The users can obtain IP addresses and download software.
•
If these users use a Web browser to access a network other than 192.168.2.0/24, redirect them
to the Web server for 802.1X client downloading.
•
Allow authenticated 802.1X users to access the network.
Figure 39 Network diagram
Configuration procedure
1.
Make sure the DHCP server, the Web server, and the authentication servers have been
configured correctly. (Details not shown.)
2.
Configure an IP address for each interface. (Details not shown.)
3.
Configure DHCP relay:
# Enable DHCP.
<Device> system-view
[Device] dhcp enable
# Enable the DHCP relay agent on VLAN-interface 2.
[Device] interface vlan-interface 2
[Device-Vlan-interface2] dhcp select relay
# Specify the DHCP server 192.168.2.2 on the relay agent interface VLAN-interface 2.
[Device-Vlan-interface2] dhcp relay server-address 192.168.2.2
[Device-Vlan-interface2] quit
4.
Configure a RADIUS scheme:
# Create RADIUS scheme 2000 and enter RADIUS scheme view.
[Device] radius scheme 2000
107
Advertisement
Table of Contents
Troubleshooting
