Source-VLAN
Specify a source VLAN for the portal-free rule.
IMPORTANT:
If you configure both a source interface and a source VLAN for a portal-free rule,
make sure that the source interface is in the source VLAN. Otherwise, the
portal-free rule will not take effect.
Destination IP Address
Specify the destination IP address and mask of the portal-free rule.
Mask
Portal authentication configuration examples
Configuring Layer 2 portal authentication
Network requirements
As shown in Figure 372, a host is directly connected to a switch. The switch performs Layer 2 portal
authentication for users connected to port GigabitEthernet 1/0/1. More specifically, the requirements
are as follows:
• Use the IMC server as the remote RADIUS server for authentication, authorization and accounting.
• Use the remote DHCP server to assign IP addresses to users.
• The listening IP address of the local portal server is 4.4.4.4. The switch uses HTTP to transmit
authentication data.
• Enable authorized users to access external network resources.
Figure 372 Network diagram
Configuration prerequisites
Before configuring portal authentication, make sure the host, switch, and servers can reach each other.
Configure the RADIUS server to provide authentication/authorization/accounting functions for users. In
this example, you must create a portal user account with the account name userpt on the RADIUS server.
On the DHCP server, you must specify the IP address range (192.168.1.0/24) for address allocation,
specify the default gateway address (192.168.1.1), specify the leases for the assigned IP addresses and
make sure there is a route to the host.
To Next Page
Loading...
Need help?
General