EasyManuals Logo

HP 5500 HI Series User Manual

HP 5500 HI Series
444 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #193 background imageLoading...
Page #193 background image
180
Figure 69 Network diagram
Configuration procedures
Follow these guidelines to configure Layer 2 portal authentication:
• Make sure that the host, switch, and servers can reach each other before portal authentication is
enabled.
• Configure the RADIUS server properly to provide normal authentication/authorization/accounting
functions for users. In this example, you must create a portal user account with the account name
userpt on the RADIUS server, and configure an authorized VLAN for the account.
• On the DHCP server, you must specify the IP address ranges (192.168.1.0/24, 3.3.3.0/24,
2.2.2.0/24), specify the default gateway addresses (192.168.1.1, 3.3.3.1, 2.2.2.1), exclude the
update server's address 2.2.2.2 from the address ranges for address allocation, specify the leases
for the assigned IP addresses and make sure there is a route to the host. To shorten the IP address
update time in case of an authentication state change, set a short lease for each address.
• Because the DHCP server and the DHCP client are not in the same subnet, you need to configure
a DHCP relay agent on the subnet of the client. For more information about DHCP relay agent, see
Layer 3—IP Services Configuration Guide.
Perform the following configuration on the switch to implement Layer 2 portal authentication:
1. Configure portal authentication:
# Add Ethernet ports to related VLANs and configure IP addresses for the VLAN interfaces. (Details
not shown.)
# Configure PKI domain pkidm, and apply for a local certificate and CA certificate. For more
configuration information, see "Configuring PKI."
# Edit the user
-defined authentication pages file, compress it into a zip file named defaultfile, and
save the file in the root directory of the access device.
# Configure SSL server policy sslsvr, and specify to use PKI domain pkidm.
<Switch> system-view
[Switch] ssl server-policy sslsvr
[Switch-ssl-server-policy-sslsvr] pki pkidm
[Switch-ssl-server-policy-sslsvr] quit
IP network
RADIUS server
Switch
1.1.1.2/24
Host
Vlan-int3
3.3.3.1
Vlan-int8
192.168.1.1/24
GE1/0/1
Vlan-int1
1.1.1.1
DHCP server
Update server
2.2.2.2/24
1.1.1.3/24
(DHCP relay)
Vlan-int2
2.2.2.1/24

Table of Contents

Other manuals for HP 5500 HI Series

Preview: Command Reference
Command Reference292 pages
Preview: Installation Guide
Installation Guide72 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5500 HI Series and is the answer not in the manual?

HP 5500 HI Series Specifications

General IconGeneral
BrandHP
Model5500 HI Series
CategorySwitch
LanguageEnglish

Related product manuals