130
Re-DHCP portal authentication configuration example
Network requirements
As shown in Figure 46, the host is directly connected to the switch (the access device). The host
obtains an IP address through the DHCP server. A portal server acts as both a portal authentication
server and a portal Web server. A RADIUS server acts as the authentication/accounting server.
Configure re-DHCP portal authentication. Before passing the authentication, the host is assigned a
private IP address. After passing the authentication, the host gets a public IP address and can
access network resources.
Figure 46 Network diagram
Configuration procedure
1. Configure the portal server. (Details not shown.)
2. Configure a RADIUS scheme on the switch:
a. From the navigation tree, select Security > Authentication > RADIUS.
b. Add RADIUS scheme rs1.
c. Configure the primary authentication server:
− Set the IP address to 192.168.0.113.
− Set the authentication port number to 1812.
− Set the shared key to radius.
− Set the server state to Active.
d. Configure the primary accounting server:
− Set the IP address to 192.168.0.113.
− Set the accounting port number to 1813.
− Set the shared key to radius.
− Set the server state to Active.
e. Configure the switch to not include domain names in the usernames sent to the RADIUS
server.
f. Click the Advanced settings icon on the RADIUS page.
g. Enable the session-control feature.
3. Configure an ISP domain on the switch:
a. From the navigation tree, select Security > Authentication > ISP Domains.
192.168.0.111/24
192.168.0.113/24
192.168.0.112/24
Switch
Host
automatically obtains
an IP address
Vlan-int100
20.20.20.1/24
10.0.0.1/24 sub
Vlan-int2
192.168.0.100/24
Portal Server
RADIUS server
DHCP server
To Next Page
Loading...
