Configuring Re-Dhcp Portal Authentication With Extended Functions - HP 3600 v2 Series Configuration Manual

# Configure domain dm1 as the default ISP domain for all users. Then, if a user enters the
username without the ISP domain at logon, the authentication and accounting methods of the
default domain are used for the user.
[Switch] domain default enable dm1
3. Configure the ACL (ACL 3000 ) for resources on subnet 192.168.0.0/24 and the ACL (ACL 3001)
for Internet resources:
[Switch] acl number 3000
[Switch-acl-adv-3000] rule permit ip destination 192.168.0.0 0.0.0.255
[Switch-acl-adv-3000] rule deny ip
[Switch-acl-adv-3000] quit
[Switch] acl number 3001
[Switch-acl-adv-3001] rule permit ip
[Switch-acl-adv-3001] quit
On the security policy server, specify ACL 3000 as the isolation ACL and ACL 3001 as the security
ACL.
4. Configure portal authentication:
# Configure the portal server as follows:
Name: newpt
IP address: 192.168.0.1 1 1
Key: portal in plain text
Port number: 50100
URL: http://192.168.0.1 1 1:8080/portal
[Switch] portal server newpt ip 192.168.0.111 key simple portal port 50100 url
http://192.168.0.111:8080/portal
# Enable portal authentication on the interface connecting the host.
[Switch] interface vlan-interface 100
[Switch–Vlan-interface100] portal server newpt method direct
[Switch–Vlan-interface100] quit
Configuring re-DHCP portal authentication with extended
functions
Network requirements
As shown in
The host is directly connected to the switch and the switch is configured for re-DHCP authentication.
•
The host is assigned with an IP address through the DHCP server. Before passing portal
authentication, the host uses an assigned private IP address. After passing portal authentication, the
host can get a public IP address.
If the host fails security check after passing identity authentication, the host can access only subnet
•
192.168.0.0/24. After passing the security check, the host can access Internet resources.
• A RADIUS server serves as the authentication/accounting server.
Figure 54:
164