Manualshelf

R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
101102103104105106107108109110
104
[Firewall–GigabitEthernet0/1] portal server newpt method redhcp
[Firewall–GigabitEthernet0/1] quit
Configuring Layer 3 portal authentication
Network requirements
As shown in Figure 77:
Firewall A is configured for Layer 3 portal authentication. Before passing portal authentication,
users can access only the portal server. After passing portal authentication, they can access Internet
resources.
The host accesses Firewall A through Firewall B.
A RADIUS server serves as the authentication/accounting server.
Figure 77 Configure Layer 3 portal authentication
Configuration procedure
NOTE:
Configure IP addresses for the host, firewalls, and servers as shown in Figure 77 an
d ensure that they
can reach each other.
Configure the RADIUS server properly to provide authentication and accounting functions for users.
Configure Firewall A:
1. Configure a RADIUS scheme
# Create a RADIUS scheme named rs1 and enter its view.
<FirewallA> system-view
[FirewallA] radius scheme rs1
# Set the server type for the RADIUS scheme. When using the IMC server, you need set the server type
to extended.
[FirewallA-radius-rs1] server-type extended
# Specify the primary authentication server and primary accounting server, and configure the keys for
communication with the servers.
[FirewallA-radius-rs1] primary authentication 192.168.0.112
[FirewallA-radius-rs1] primary accounting 192.168.0.112
[FirewallA-radius-rs1] key authentication radius