Network requirements – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 200
186
[AC] portal server newpt ip 192.168.0.111 key portal port 50100 url
http://192.168.0.111/portal
# Configure the AC as a DHCP relay agent, and enable the invalid address check function.
[AC] dhcp enable
[AC] dhcp relay server-group 0 ip 192.168.0.112
[AC] interface vlan-interface 1
[AC–Vlan-interface1] ip address 20.20.20.1 255.255.255.0
[AC–Vlan-interface1] ip address 10.0.0.1 255.255.255.0 sub
[AC-Vlan-interface1] dhcp select relay
[AC-Vlan-interface1] dhcp relay server-select 0
[AC-Vlan-interface1] dhcp relay address-check enable
# On the interface connected to the client, specify the authentication domain dm1 for portal users,
and enable re-DHCP portal authentication.
[AC-Vlan-interface1] portal domain dm1
[AC–Vlan-interface1] portal server newpt method redhcp
[AC–Vlan-interface1] quit
Configuring direct portal authentication with extended
functions
Network requirements
As shown in
, the wireless user (Client) belongs to VLAN 10 and the AP belongs to VLAN 3.
The AC performs direct portal authentication for wireless users. If the client fails security check after it
passes identity authentication, the client can access only subnet 192.168.0.0/24. After the client passes
security check, the client can access Internet resources.
Use a RADIUS server as the authentication/accounting server.
Figure 87 Network diagram