Network requirements, Configuration prerequisites and guidelines – H3C Technologies H3C S6300 Series Switches User Manual

132

[SwitchA] display portal user interface vlan-interface 4

Total portal users: 1

Username: abc

Portal server: newpt

State: Online

Authorization ACL: 3001

VPN instance: --

MAC IP VLAN Interface

0015-e9a6-7cfe 8.8.8.2 4 Vlan-interface4

Configuring portal server detection and portal user

synchronization

Network requirements

As shown in

Figure 52

, the host is directly connected to the switch (the access device). The host is

assigned with a public IP address either manually or through DHCP. A portal server serves as both a
portal authentication server and a portal Web server. A RADIUS server serves as the

authentication/accounting server.
Configure direct portal authentication on the switch, so the host can access only the portal server before

passing the authentication and access Internet resources after passing the authentication.
Configure the switch to do the following:

•

Detect the reachability state of the portal authentication server.

•

Send log messages upon state changes.

•

Disable portal authentication when the authentication server is unreachable.

•

Synchronize portal user information with the portal server periodically.

Figure 52 Network diagram

Configuration prerequisites and guidelines

•

Configure IP addresses for the switch and servers as shown in

Figure 52

and make sure the host,

switch, and servers can reach each other.

•

Configure the RADIUS server properly to provide authentication and accounting functions.

•

Configure the portal authentication server. Be sure to enable the server heartbeat function and the
user heartbeat function.

•

Configure the switch (access device) as follows: