Configuring Direct Portal Authentication Using The Local Portal Web Server - HP FlexNetwork 10500 Series Security Configuration Manual

State: Online
VPN instance: vpn3
MAC
0000-0000-0000
Authorization information:
DHCP IP pool: N/A
ACL: N/A
CAR: N/A
Configuring direct portal authentication using the local portal
Web server
Network requirements
As shown in
assigned a public IP address either manually or through DHCP. The switch acts as both a portal
authentication
authentication/accounting server.
Configure direct portal authentication on the switch. Before a user passes portal authentication, the
user can access only the local portal Web server. After passing portal authentication, the user can
access other network resources.
Figure 67 Network diagram
Configuration prerequisites and guidelines
•
Configure IP addresses for the host, switch, and server as shown in
they can reach each other.
•
Configure the RADIUS server correctly to provide authentication and accounting functions.
•
Customize the authentication pages, compress them to a file, and upload the file to the root
directory of the storage medium of the switch.
Configuration procedure
1. Configure a RADIUS scheme:
# Create a RADIUS scheme named rs1 and enter its view.
<Switch> system-view
[Switch] radius scheme rs1
# Specify the primary authentication server and primary accounting server, and configure the
keys for communication with the servers.
[Switch-radius-rs1] primary authentication 192.168.0.112
[Switch-radius-rs1] primary accounting 192.168.0.112
[Switch-radius-rs1] key authentication simple radius
[Switch-radius-rs1] key accounting simple radius
# Exclude the ISP domain name from the username sent to the RADIUS server.
[Switch-radius-rs1] user-name-format without-domain
[Switch-radius-rs1] quit
IP
3.3.0.1
Figure 67, the host is directly connected to the switch (the access device). The host is
server and a
VLAN Interface
3 Vlan-interface3
portal Web server.
186
A RADIUS server
Figure 67
acts as the
and make sure