H3CACV7在接口下配置Portal认证
[Nington_WX3510H_01]dis current-configuration
#
version 7.1.064, Release 5117P14
#
sysname Nington_WX3510H_01
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
irf auto-merge enable
irf member 1 priority 1
#
dhcp enable
dhcp server forbidden-ip 10.123.160.1
dhcp server forbidden-ip 10.123.160.254
dhcp server forbidden-ip 10.123.161.1
#
password-recovery enable
#
vlan 1
#
vlan 30
name server
创新互联是一家专注于网站设计制作、成都网站建设与策划设计,定边网站建设哪家好?创新互联做网站,专注于网站建设十多年,网设计领域的专业建站公司;建站业务涵盖:定边等地区。定边做网站价格咨询:18982081108
vlan 160
name ap
#
vlan 161
name yewu
#
irf-port 1
#
dhcp server ip-pool ap
gateway-list 10.123.160.1
network 10.123.160.0 mask 255.255.255.0
DNS-list 114.114.114.114
#
dhcp server ip-pool client
gateway-list 10.123.161.1
network 10.123.161.0 mask 255.255.255.0
dns-list 114.114.114.114
#
wlan service-template 1
ssid ND_H3CV7_LY
vlan 161
service-template enable
interface NULL0
#
interface Vlan-interface1
#
interface Vlan-interface160
ip address 10.123.160.1 255.255.255.0
#
interface Vlan-interface161
ip address 10.123.161.1 255.255.255.0
portal enable method direct
portal domain h4c
portal bas-ip 10.123.161.1
portal apply web-server am
portal apply mac-trigger-server ndkey
#
interface GigabitEthernet1/0/1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 30 160 to 161
#
interface GigabitEthernet1/0/2
port access vlan 160
interface GigabitEthernet1/0/3
port access vlan 30
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
scheduler logfile size 16
#
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 31
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 10.123.160.254
#
undo info-center logfile enable
#
radius session-control enable
#
radius scheme ndkey
primary authentication 192.168.222.192
primary accounting 192.168.222.192
key authentication cipher $c$3$ClvnzXNvJ4PpSXqebcZteQ2oKWOCJhCCAcaI
key accounting cipher $c$3$8vEW89B7vX89KWhLYj1i9i8HcwfI92FWkdSZ
user-name-format without-domain
nas-ip 10.123.161.1
#
radius dynamic-author server
client ip 192.168.222.192 key cipher $c$3$KNxbCQYq4Rn0oNh7CHZrwSt6c34fkEm97XBJ
#
domain h4c
authentication portal radius-scheme ndkey
authorization portal radius-scheme ndkey
accounting portal radius-scheme ndkey
#
domain system
#
domain default enable h4c
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$ey/uCDUk7m/eB+jx$0UepqE4Q46BMbZ7GrirRfhIUvBI/wLULX7YumphlgHk4EVos8RV4LZ8Ht7/TAlPXANTN5wWjwY+2k4jZguwKsA==
service-type telnet http https
authorization-attribute user-role network-admin
#
portal free-rule 1 source ip any destination ip 192.168.3.0 255.255.255.0
portal free-rule 2 source ip any destination ip 8.8.8.8 255.255.255.255
portal free-rule 3 source ip any destination ip 10.123.160.0 255.255.255.0
portal free-rule 4 source ip any destination ip 114.114.114.0 255.255.255.0
portal free-rule 5 source ip any destination ip 192.168.222.0 255.255.255.0
#
portal web-server am
url http://192.168.222.192:8080/am/portal/serviceId/SN1727240520/ac/H3CV7/ssid/ND_H3CV7_LY
server-type cmcc
url-parameter ssid ssid
url-parameter wlanacname value AC
url-parameter wlanuserip source-address
url-parameter wlanusermac source-mac
#
portal server am
ip 192.168.222.192 key cipher $c$3$i5xPYE7u5raqnCiogF0PONSz9EB6brmzDZn9
server-type cmcc
#
ip http enable
ip https enable
#
portal mac-trigger-server ndkey
ip 192.168.222.192
server-type cmcc
aaa-fail nobinding enable
#
wlan auto-ap enable
wlan auto-persistent enable
#
wlan global-configuration
firmware-upgrade enable
wlan ap-group default-group
vlan 1
#
wlan ap ap-01 model WA4320i-ACN
serial-id 210235A1GPC163001309
vlan 1
radio 1
radio enable
service-template 1
radio 2
radio enable
service-template 1
gigabitethernet 1
gigabitethernet 2
#
return
当前标题:H3CACV7在接口下配置Portal认证
分享路径:http://hbruida.cn/article/ghjiei.html