156
Status : Up
The Up state of the portal server indicates that the portal server is reachable. If the access device detects
that the portal server is unreachable, you can see the portal server status is Down in the output, and the
access device generates a server unreachable trap "portal server newpt lost" and disables portal
authentication on the access interface, so the client can access the external network without
authentication.
Configuring Layer 2 portal authentication
Network requirements
As shown in Figure 70, a host is directly connected to a switch. The switch performs Layer 2 portal
authentication on users connected to port GigabitEthernet 1/0/1. More specifically,
• Use the remote RADIUS server for authentication, authorization and accounting.
• Use the remote DHCP server to assign IP addresses to users.
• The listening IP address of the local portal server is 4.4.4.4. The local portal server pushes the
user-defined authentication pages to users and uses HTTPS to transmit authentication data.
• Add users passing authentication to VLAN 3.
• Add users failing authentication to VLAN 2, to allow the users to access resources on the update
server.
• The host obtains an IP address through DHCP. Before authentication, the DHCP server assigns an IP
address in segment 192.168.1.0/24 to the host. When the host passes the authentication, the DHCP
server assigns an IP address in segment 3.3.3.0/24 to the host. When the host fails authentication,
the DHCP server assigns an IP address in segment 2.2.2.0/24 to the host.
Figure 65 Network diagram
Configuration procedures
IP network
RADIUS server
Switch
1.1.1.2/24
Host
Vlan-int3
3.3.3.1
Vlan-int8
192.168.1.1/24
GE1/0/1
Vlan-int1
1.1.1.1
DHCP server
Update server
2.2.2.2/24
1.1.1.3/24
(DHCP relay)
Vlan-int2
2.2.2.1/24
To Next Page
Loading...
Need help?
General