H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

901

902

903

904

905

906

907

908

909

910

Operation Manual – Portal

H3C S7500E Series Ethernet Switches Chapter 1 Portal Configuration

1-19

2) Configure an authentication domain

# Create an ISP domain named dm1 and enter its view.

[Switch] domain dm1

# Configure the ISP domain to use RADIUS scheme rs1.

[Switch-isp-dm1] authentication portal radius-scheme rs1

[Switch-isp-dm1] authorization portal radius-scheme rs1

[Switch-isp-dm1] accounting portal radius-scheme rs1

[Switch-isp-dm1] quit

# Configure dm1 as the default ISP domain, allowing all users to share the default

authentication and accounting modes.

[Switch] domain default enable dm1

3) Configure the ACL (ACL 3000 ) for restricted resources and the ACL (ACL 3001)

for unrestricted resources

 Note:

On the security policy server, you need to specify ACL 3000 as the isolation ACL and

ACL 3001 as the security ACL.

[Switch] acl number 3000

[Switch-acl-adv-3000] rule permit ip destination 192.168.0.0 0.0.0.255

[Switch-acl-adv-3000] quit

[Switch] acl number 3001

[Switch-acl-adv-3001] rule permit ip

[Switch-acl-adv-3001] quit

4) Configure portal authentication

# Configure the portal server as follows:

z Name: newpt

z IP address: 192.168.0.111

z Key: portal

z Port number: 50100

z URL: http://192.168.0.111/portal.

[Switch] portal server newpt ip 192.168.0.111 key portal port 50100 url

http://192.168.0.111/portal

# Enable portal authentication on the interface connecting the host.

[Switch] interface vlan-interface 100

[Switch–Vlan-interface100] ip address 2.2.2.1 255.255.255.0

[Switch–Vlan-interface100] portal server newpt method direct