Table of Contents
Advertisement
DHCP IP pool: N/A
User profile: N/A
Session group profile: N/A
ACL: 3001
Inbound CAR: N/A
Outbound CAR: N/A
Inbound priority: N/A
Outbound priority: N/A
Example: Configuring extended re-DHCP portal
authentication
Network configuration
As shown in
obtains an IP address through the DHCP server. A portal server acts as both a portal authentication
server and a portal Web server. A RADIUS server acts as the authentication/accounting server.
Configure extended re-DHCP portal authentication. Before passing portal authentication, the host is
assigned a private IP address. After passing portal identity authentication, the host obtains a public
IP address and accepts security check. If the host fails the security check, it can access only subnet
192.168.0.0/24. After passing the security check, the host can access other network resources.
Figure 113 Network diagram
Configuration prerequisites and guidelines
•
Configure IP addresses for the router and servers as shown in
host, router, and servers can reach each other.
•
Configure the RADIUS server correctly to provide authentication and accounting functions.
•
For re-DHCP portal authentication, configure a public address pool (20.20.20.0/24) and a
private address pool (10.0.0.0/24) on the DHCP server. (Details not shown.)
•
For re-DHCP portal authentication:
The router must be configured as a DHCP relay agent.
The portal-enabled interface must be configured with a primary IP address (a public IP
address) and a secondary IP address (a private IP address).
For information about DHCP relay agent configuration, see "Configuring DHCP."
Figure
113, the host is directly connected to the router (the access device). The host
349
Figure 113
and make sure the
Advertisement
Table of Contents
Troubleshooting
