Table of Contents
Advertisement
[Router-dhcp-pool-pre] gateway-list 2.2.2.1
[Router-dhcp-pool-pre] network 2.2.2.0 24
[Router-dhcp-pool-pre] quit
# Enable the DHCP server on GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] dhcp select server
[Router–GigabitEthernet1/0/2] quit
2.
Configure a portal preauthentication policy:
# Create a portal preauthentication policy named abc.
[Router] portal pre-auth policy abc
# Specify user attribute ACL 3010 in the portal preauthentication policy.
[Router-pre-auth-abc] user-attribute acl 3010
[Router-pre-auth-abc] quit
# In ACL 3010, configure a rule to permit access to the subnet 192.168.0.0/24.
[Router] acl advanced 3010
[Router-acl-ipv4-adv-3010] rule 1 permit ip destination 192.168.0.0 24
[Router-acl-ipv4-adv-3010] quit
# Apply portal preauthentication policy abc to GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] portal apply pre-auth-policy abc
[Router–GigabitEthernet1/0/2] quit
3.
Configure portal authentication:
# Configure a portal authentication server.
[Router] portal server newpt
[Router-portal-server-newpt] ip 192.168.0.111 key simple portal
[Router-portal-server-newpt] port 50100
[Router-portal-server-newpt] quit
# Configure a portal Web server.
[Router] portal web-server newpt
[Router-portal-websvr-newpt] url http://192.168.0.111:8080/portal
[Router-portal-websvr-newpt] quit
# Enable direct portal authentication on GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router–GigabitEthernet1/0/2] portal enable method direct
# Reference the portal Web server newpt on GigabitEthernet 1/0/2.
[Router–GigabitEthernet1/0/2] portal apply web-server newpt
# Configure the BAS-IP as 2.2.2.1 for portal packets sent from GigabitEthernet 1/0/2 to the
portal authentication server.
[Router–GigabitEthernet1/0/2] portal bas-ip 2.2.2.1
[Router–GigabitEthernet1/0/2] quit
Verifying the configuration
# Verify the portal configuration by executing the display portal interface command. (Details not
shown.)
# Display information about preauthentication portal users.
[Router] display portal user pre-auth interface gigabitethernet 1/0/2
MAC
0015-e9a6-7cfe
IP
2.2.2.4
367
VLAN
Interface
--
GigabitEthernet1/0/2
Advertisement
Table of Contents
Troubleshooting
