Configuration Guide Configuring Web Authentication
HTTP: RFC1945 and RFC2068
HTTPS: RFC2818
SNMP: RFC1157 and RFC 2578
RADIUS: RFC2865, RFC2866, and RFC3576
For the standards related to MAC SMS authentication, see the CMCC WLAN Device Interface Standards
V3.1.0_20130901 (MAC Address-Based Authentication Extension), Zhejiang CMCCWLAN Fast Authentication
Scheme – Interface Standards V1.1-2011.3.22, and WLAN Fast MAC Address-Based SMS Authentication Scheme
V1.1-2011.3.21.
1.2 Applications
Basic Scenario of Web
Authentication
Basic layer-2 authentication scenario, where a NAS, portal server, and RADIUS
server constitute an authentication system which connects a client with the NAS
through the layer-2 network.
1.2.1 Basic Scenario of Web Authentication
Scenario
See Figure 1-1.
Deploy a Web authentication scheme on the NAS.
The client connected to the NAS needs to pass Web authentication before accessing the Internet.
Figure 1-1 Networking Topology of Web Authentication
Web authentication is applicable to both layer-2 and layer-3 networks. At layer 3, the source MAC address and
VID of a packet are changed after it is routed, but the source IP address remains the same as the only identifier of
a client. Therefore, the binding policy of Web authentication on layer-3 devices must adopt the IP-only binding
mode. Here, layer-2 NAS is used as an example.
RG-SAM program is installed on the RADIUS server. RG-ePortal program is installed on the portal server.
To Next Page
Loading...
