Configuration prerequisites, Configuring a portal authentication server, Required.) – H3C Technologies H3C S6300 Series Switches User Manual
Page 110
95
Configuration prerequisites
The portal feature provides a solution for user identity authentication and security check. To complete
user identity authentication, portal must cooperate with RADIUS.
The prerequisites for portal authentication configuration are as follows:
•
The portal authentication server, portal Web server, and RADIUS server have been installed and
configured properly.
•
To use the re-DHCP portal authentication mode, make sure the DHCP relay agent is enabled on the
access device, and the DHCP server is installed and configured properly.
•
The portal client, access device, and servers can reach each other.
•
To use the remote RADIUS server, configure usernames and passwords on the RADIUS server, and
configure the RADIUS client on the access device. For information about RADIUS client
configuration, see "
."
•
To implement extended portal functions, install and configure CAMS EAD or IMC EAD. Make sure
the ACLs configured on the access device correspond to the isolation ACL and the security ACL on
the security policy server. For information about security policy server configuration on the access
device, see "
." For installation and configuration about the security policy server,
see CAMS EAD Security Policy Component User Manual or IMC EAD Security Policy Help.
Configuring a portal authentication server
Perform this task to configure the following portal authentication server parameters:
•
IP address of the portal authentication server
•
Shared encryption key used between the device and the portal authentication server
•
Destination UDP port number used by the device to send unsolicited portal packets to the portal
authentication server
The device supports multiple portal authentication servers.
Do not delete a portal authentication server in use. Otherwise, users authenticated by that server cannot
log out normally.
To configure a portal authentication server:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create a portal
authentication server, and
enter its view.
portal server server-name
By default, no portal
authentication server is created.
3.
Specify the IP address of
the portal authentication
server.
•
To specify an IPv4 portal server:
ip ipv4-address [ key { cipher |
simple } key-string ]
•
To specify an IPv6 portal server:
ipv6 ipv6-address [ key { cipher |
simple } key-string ]
Specify an IPv4 portal
authentication server, an IPv6
authentication portal server, or
both.
By default, no portal
authentication server is
specified.