Configuring layer 3 portal authentication, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

Page 25

[Device] domain default enable dm1

Step3

Configure portal authentication

# Configure the portal server as follows:

•

Name: newpt

•

IP address: 192.168.0.111

•

Key: portal

•

Port number: 50100

•

URL: http://192.168.0.111:8080/portal.

[Device] portal server newpt ip 192.168.0.111 key portal port 50100 url

http://192.168.0.111:8080/portal

# Configure Device as a DHCP relay agent, and enable the IP address match check function.

[Device] dhcp enable

[Device] dhcp relay server-group 0 ip 192.168.0.112

[Device] interface gigabitethernet 0/2

[Device–GigabitEthernet0/2] ip address 20.20.20.1 255.255.255.0

[Device–GigabitEthernet0/2] ip address 10.0.0.1 255.255.255.0 sub

[Device-GigabitEthernet0/2] dhcp select relay

[Device-GigabitEthernet0/2] dhcp relay server-select 0

[Device-GigabitEthernet0/2] dhcp relay address-check enable

# Enable re-DHCP portal authentication on the interface connecting the host.

[Device–GigabitEthernet0/2] portal server newpt method redhcp

[Device–GigabitEthernet0/2] quit

Configuring Layer 3 Portal Authentication

Network requirements

As shown in

Figure 11

•

Device A is configured for Layer 3 portal authentication. Before passing portal authentication, a
user using the host can access only the portal server. After passing portal authentication, the user

can access Internet resources.

•

The host accesses Device A through Device B.

•

A RADIUS server serves as the authentication/accounting server.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecBlade FW Cards H3C SecPath U200-A U200-M U200-S