167
[Switch] portal server newpt ip 192.168.0.111 key portal port 50100 url
http://192.168.0.111:8080/portal
# Enable portal authentication on the interface connecting the host.
[Switch] interface vlan-interface 100
[Switch–Vlan-interface100] portal server newpt method direct
[Switch–Vlan-interface100] quit
Configuring re-DHCP portal authentication with extended
functions
Network requirements
As shown in Figure 70:
• The host is directly connected to the switch and the switch is configured for re-DHCP authentication.
The host is assigned with an IP address through the DHCP server. Before passing portal
authentication, the host uses an assigned private IP address. After passing portal authentication, the
host can get a public IP address.
• If the host fails security check after passing identity authentication, the host can access only subnet
192.168.0.0/24. After passing the security check, the host can access Internet resources.
• A RADIUS server serves as the authentication/accounting server.
Figure 70 Network diagram
Host
automatically obtains
an IP address
192.168.0.111/24
192.168.0.113/24
192.168.0.112/24
Switch
Vlan-int100
20.20.20.1/24
10.0.0.1/24 sub
Vlan-int2
192.168.0.100/24
Portal server
RADIUS server
DHCP server
192.168.0.114/24
Security policy server
Configuration procedure
To Next Page
Loading...
Need help?
General