Aaa for 802.1x users by a radius server, Network requirements – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

80

[AC-isp-dm1] authorization portal radius-scheme rs1

[AC-isp-dm1] accounting portal radius-scheme rs1

[AC-isp-dm1] quit

•

Configure portal authentication

# Configure the portal server.

[AC] portal server newpt ip 10.1.1.1 key portal port 50100 url http://10.1.1.1:8080/portal

[AC] portal free-rule 0 source interface Ten-GigabitEthernet1/0/1 destination any

# Enable portal authentication on the interface connecting the wireless client.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] portal server newpt method direct

# Specify the portal authentication domain.

[AC–Vlan-interface2] portal domain dm1

[AC–Vlan-interface2] quit

6.

Verify the configuration

The user can initiate portal authentication by using the iNode client or by accessing a web page. All the
initiated web requests will be redirected to the portal authentication page at http://10.1.1.1:8080/portal.

Before passing portal authentication, the user can access only the authentication page. After passing

portal authentication, the user can access the Internet.
After the user passes the portal authentication, use the following command to view the portal user
information on the AC.

[AC] display portal user interface vlan-interface 2

Index:19

State:ONLINE

SubState:NONE

ACL:NONE

Work-mode:stand-alone

MAC IP Vlan Interface

---------------------------------------------------------------------

0015-e9a6-7cfe 192.168.1.58 2 Vlan-interface2

Total 1 user(s) matched, 1 listed.

# Use the display connection command to view the connection information on the AC.

[AC] display connection

Index=20 ,Username=portal@dm1

IP=192.168.1.58

IPv6=N/A

MAC=00-15-E9-A6-7C-FE

Total 1 connection(s) matched.

AAA for 802.1X users by a RADIUS server

Network requirements

As shown in

Figure 37

, configure the AC to use the RADIUS server to perform authentication,

authorization, and accounting for 802.1X users.