Aaa for portal users by a radius server, Network requirements, Configuration prerequisites – H3C Technologies H3C SecPath F1000-E User Manual

231

Error: Invalid configuration or no response from the authentication server.

Info: Change authentication mode to local.

Password:

Å Enter the password for local privilege level switch authentication

User privilege level is 3, and only those commands can be used

whose level is equal or less than this.

Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE

AAA for portal users by a RADIUS server

Network requirements

As shown in

Figure 171

, the host automatically obtains a public network IP address through DHCP.

Configure SecPath to:

•

Use the RADIUS server for authentication, authorization, and accounting of portal users.

•

Provide direct portal authentication so that the host can access only the portal server before passing
portal authentication and can access the Internet after passing portal authentication.

•

Include the domain name in a username sent to the RADIUS server.

On the RADIUS server, add a service that charges 120 dollars for up to 120 hours per month, configure

a user with the name dot1x@bbb, and assign the service to the user.
Set the shared keys for secure RADIUS communication to expert. Set the ports for
authentication/authorization and accounting to 1812 and 1813, respectively.

Figure 171 Network diagram

Configuration prerequisites

Configure IP addresses for the devices as shown in

Figure 171

and make sure the devices can reach each

other.

Configuring the RADIUS server on IMC PLAT 3.20

This section uses IMC PLAT 3.20-R2606, IMC UAM 3.60-E6206, and IMC CAMS 3.60-E6206.

1.

Add SecPath to IMC as an access device:

a.

Log in to IMC, click the Service tab, and then select Access Service > Access Device from the
navigation tree.

b.

Click Add to configure an access device as follows:
Set the shared keys for authentication and accounting to expert.