Configuring cross-subnet portal authentication, Network requirements, Configuration prerequisites and guidelines – H3C Technologies H3C S6300 Series Switches User Manual

119

http://192.168.0.111:8080/portal and all Web requests will be redirected to the authentication page.

After passing the authentication, the user can access Internet resources.
After the user passes authentication, you can use the following command to display information about

the portal user.

[Switch] display portal user interface vlan-interface 100

Total portal users: 1

Username: abc

Portal server: newpt

State: Online

Authorization ACL: None

VPN instance: --

MAC IP VLAN Interface

0015-e9a6-7cfe 20.20.20.2 100 Vlan-interface100

Configuring cross-subnet portal authentication

Network requirements

As shown in

Figure 48

, Switch A supports portal authentication. The host accesses Switch A through

Switch B. A portal server serves as both a portal authentication server and a portal Web server. A

RADIUS server serves as the authentication/accounting server.
Configure Switch A for cross-subnet portal authentication. Before passing the authentication, the host can

access only the portal Web server. After passing the authentication, the user can access Internet

resources.

Figure 48 Network diagram

Configuration prerequisites and guidelines

•

Configure IP addresses for the switch and servers as shown in

Figure 48

and make sure the host,

switch, and servers can reach each other.

•

Configure the RADIUS server properly to provide authentication and accounting functions.

•

Make sure the IP address of the portal device added on the portal authentication server is the IP
address (20.20.20.1) of the switch's interface connecting the host. The IP address group associated

with the portal device is the subnet of the host (8.8.8.0/24).

Configuration procedure

Perform the following tasks on Switch A.