Configuring portal authentication, Configuration prerequisites, Recommended configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 402
386
2.
On the authentication homepage/authentication dialog box, the user enters and submits the
authentication information, which the portal server then transfers to the access device.
3.
Upon receipt of the authentication information, the access device communicates with the
authentication/accounting server for authentication and accounting.
4.
After successful authentication, the access device checks whether there is a corresponding security
policy for the user. If not, it allows the user to access the Internet. Otherwise, the client
communicates with the access device and the security policy server for security check. If the client
passes security check, the security policy server authorizes the user to access the Internet
resources.
NOTE:
The web interface of the device supports configuring portal authentication only on Layer 3 interfaces. For
more information about portal authentication, see
H3C WX Series Access Controllers Security
Configuration Guide.
Configuring portal authentication
Configuration prerequisites
The portal feature provides a solution for user identity authentication and security checking. However, the
portal feature cannot implement this solution by itself. RADIUS authentication needs to be configured on
the access device to cooperate with the portal feature to complete user authentication.
The prerequisites for portal authentication configuration are as follows:
•
The portal authentication-enabled interfaces of the access device are configured with valid IP
addresses or have obtained valid IP addresses through DHCP.
•
The portal server and the RADIUS server have been installed and configured properly. Local portal
authentication requires no independent portal server.
•
With re-DHCP authentication, the invalid IP address check function of DHCP relay is enabled on the
access device, and the DHCP server is installed and configured properly.
•
With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS
server, and the RADIUS client configurations are performed on the access device. For information
about RADIUS client configuration, see "
•
To implement extended portal functions, install and configure IMC EAD, and make sure that the
ACLs configured on the access device correspond to those specified for the resources in the
quarantined area and for the restricted resources on the security policy server. For information
about security policy server configuration on the access device, see "
Recommended configuration procedure
Step Remarks
1. Configuring the portal service
Required.
Configure a portal server, apply the portal server to a Layer 3
interface, and configure the portal authentication parameters.
By default, no portal server is configured.