beautypg.com

H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 171

background image

157

With re-DHCP authentication, the IP address check function of the DHCP relay agent is enabled on

the access device, and the DHCP server is installed and configured properly.

The portal client, access device, and servers have IP connectivity between each other.

With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS

server, and the RADIUS client configurations are performed on the access device. For information
about RADIUS client configuration, see "Configuring AAA."

To implement extended portal functions, install and configure IMC EAD, and make sure that the
ACLs configured on the access device correspond to those specified for the resources in the

quarantined area and for the restricted resources on the security policy server. For information

about security policy server configuration on the access device, see "Configuring AAA."

NOTE:

For installation and configuration about the security policy server, see

IMC EAD Security Policy Help.

The ACL for resources in the quarantined area and that for restricted resources correspond to isolation
ACL and security ACL on the security policy server, respectively.

You can modify the authorized ACLs on the access device. However, your changes take effect only for
portal users logging on after the modification.

Specifying a portal server for Layer 3 portal

authentication

This task allows you to specify the portal server parameters for Layer 3 portal authentication, including
the portal server IP address, shared encryption key, server port, and the URL address for web

authentication. According to the networking environment, you can configure a remote portal server or a

local portal server as needed.

To configure a remote portal server, you must specify the IP address of the remote portal server.

To use the local portal server of the access device, you must specify the IP address of a Layer 3
interface on the device as the portal server's IP address, and the specified interface must have IP

connectivity to the client.

To specify a portal server for Layer 3 authentication:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Specify a portal server and

configure related parameters.

portal server server-name ip
ip-address [ key key-string | port

port-id | server-type { cmcc | imc }

| url url-string ] *

By default, no portal server is
specified.
The specified server name and URL
string cannot contain these

characters:
? < > \ '' % ' & #