Configuration procedure – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 412
36-16
The wireless client (belongs to VLAN 2) accesses the network through the AP, which belongs to
VLAN 3. The serial number of the AP is 210235A29G007C000020.
AC supports the local portal server, which runs HTTPS. The local portal server can push the
corresponding customized pages according to the SSID of the user logon interface.
A RADIUS server (CAMS/iMC server) serves as the authentication/accounting server.
The client must pass direct portal authentication to access unrestricted Internet resources. Before
authentication, the client can access only the local portal server.
Figure 36-12 Configure direct portal authentication using the local portal server
Configuration procedure
Before performing portal configurations, be sure to:
Configure IP addresses for the client, AC, and server as shown in
and ensure that
they can reach each other.
Configure PKI domain test, and make sure that a local certificate and a CA certificate are obtained
successfully. For more information, see
Complete the editing of the authentication page files to be bound with the client SSID.
Configure the RADIUS server properly to provide normal authentication/accounting functions for
users.
It is not recommended to assign the wireless client and the AP to the same network segment.
Otherwise, when portal authentication is configured on the network segment, the AP cannot
establish a CAPWAP connection with the AC unless you configure a portal-free rule for the AP.
Perform the following configurations on the AC:
1) Configure the RADIUS scheme system
# Specify the RADIUS authentication server.
From the navigation tree, select Authentication > RADIUS to enter the RADIUS server
configuration page.