Configuration prerequisites, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

527

2.

On the authentication homepage/authentication dialog box, the user enters and submits the

authentication information, which the portal server then transfers to the access device.

3.

Upon receipt of the authentication information, the access device communicates with the
authentication/accounting server for authentication and accounting.

4.

After successful authentication, the access device checks whether there is a corresponding security
policy for the user. If not, it allows the user to access the Internet. Otherwise, the client

communicates with the access device and the security policy server for security check. If the client

passes security check, the security policy server authorizes the user to access the Internet

resources.

NOTE:

The Web interface of the device supports configuring portal authentication only on Layer 3 interfaces. For
more information about portal authentication, see

H3C Access Controllers Security Configuration Guide.

Configuration prerequisites

Although the portal feature provides a solution for user identity authentication and security checking, the

portal feature cannot implement this solution by itself. RADIUS authentication needs to be configured on

the access device to cooperate with the portal feature to complete user authentication.
The prerequisites for portal authentication configuration are as follows:

•

The portal server and the RADIUS server have been installed and configured correctly. Local portal
authentication requires no independent portal server.

•

With re-DHCP authentication, the IP address check function of DHCP relay is enabled on the access
device, and the DHCP server is installed and configured correctly.

•

The portal client, access device, and servers can reach each other.

•

With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS
server, and the RADIUS client configurations are performed on the access device. For information

about RADIUS client configuration, see "

Configuring RADIUS

."

•

To implement extended portal functions, install and configure IMC EAD. Make sure the ACLs
configured on the access device correspond to those specified for the resources in the quarantined
area and for the restricted resources on the security policy server. For information about security

policy server configuration on the access device, see "

Configuring RADIUS

."

Configuration procedure

Step Remarks

1. Configuring the portal service

Required.
Configure a portal server, apply the portal server to a Layer 3
interface, and configure the portal authentication parameters.
By default, no portal server is configured.

2. Configuring advanced

parameters for portal

authentication

Optional.
Specify an auto redirection URL, set the time that the device must wait

before redirecting an authenticated user to the auto redirection URL,
and add Web proxy server port numbers.