Configuration prerequisites, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 548
527
2.
On the authentication homepage/authentication dialog box, the user enters and submits the
authentication information, which the portal server then transfers to the access device.
3.
Upon receipt of the authentication information, the access device communicates with the
authentication/accounting server for authentication and accounting.
4.
After successful authentication, the access device checks whether there is a corresponding security
policy for the user. If not, it allows the user to access the Internet. Otherwise, the client
communicates with the access device and the security policy server for security check. If the client
passes security check, the security policy server authorizes the user to access the Internet
resources.
NOTE:
The Web interface of the device supports configuring portal authentication only on Layer 3 interfaces. For
more information about portal authentication, see
H3C Access Controllers Security Configuration Guide.
Configuration prerequisites
Although the portal feature provides a solution for user identity authentication and security checking, the
portal feature cannot implement this solution by itself. RADIUS authentication needs to be configured on
the access device to cooperate with the portal feature to complete user authentication.
The prerequisites for portal authentication configuration are as follows:
•
The portal server and the RADIUS server have been installed and configured correctly. Local portal
authentication requires no independent portal server.
•
With re-DHCP authentication, the IP address check function of DHCP relay is enabled on the access
device, and the DHCP server is installed and configured correctly.
•
The portal client, access device, and servers can reach each other.
•
With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS
server, and the RADIUS client configurations are performed on the access device. For information
about RADIUS client configuration, see "
•
To implement extended portal functions, install and configure IMC EAD. Make sure the ACLs
configured on the access device correspond to those specified for the resources in the quarantined
area and for the restricted resources on the security policy server. For information about security
policy server configuration on the access device, see "
."
Configuration procedure
Step Remarks
1. Configuring the portal service
Required.
Configure a portal server, apply the portal server to a Layer 3
interface, and configure the portal authentication parameters.
By default, no portal server is configured.
Optional.
Specify an auto redirection URL, set the time that the device must wait
before redirecting an authenticated user to the auto redirection URL,
and add Web proxy server port numbers.