H3CACV7在接口下配置Portal认证-创新互联
[Nington_WX3510H_01]dis current-configuration
#
version 7.1.064, Release 5117P14
#
sysname Nington_WX3510H_01
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
irf auto-merge enable
irf member 1 priority 1
#
dhcp enable
dhcp server forbidden-ip 10.123.160.1
dhcp server forbidden-ip 10.123.160.254
dhcp server forbidden-ip 10.123.161.1
#
password-recovery enable
#
vlan 1
#
vlan 30
name server
vlan 160
name ap
#
vlan 161
name yewu
#
irf-port 1
#
dhcp server ip-pool ap
gateway-list 10.123.160.1
network 10.123.160.0 mask 255.255.255.0
dns-list 114.114.114.114
#
dhcp server ip-pool client
gateway-list 10.123.161.1
network 10.123.161.0 mask 255.255.255.0
dns-list 114.114.114.114
#
wlan service-template 1
ssid ND_H3CV7_LY
vlan 161
service-template enable
interface NULL0
#
interface Vlan-interface1
#
interface Vlan-interface160
ip address 10.123.160.1 255.255.255.0
#
interface Vlan-interface161
ip address 10.123.161.1 255.255.255.0
portal enable method direct
portal domain h4c
portal bas-ip 10.123.161.1
portal apply web-server am
portal apply mac-trigger-server ndkey
#
interface GigabitEthernet1/0/1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 30 160 to 161
#
interface GigabitEthernet1/0/2
port access vlan 160
interface GigabitEthernet1/0/3
port access vlan 30
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
scheduler logfile size 16
#
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 31
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 10.123.160.254
#
undo info-center logfile enable
#
radius session-control enable
#
radius scheme ndkey
primary authentication 192.168.222.192
primary accounting 192.168.222.192
key authentication cipher $c$3$ClvnzXNvJ4PpSXqebcZteQ2oKWOCJhCCAcaI
key accounting cipher $c$3$8vEW89B7vX89KWhLYj1i9i8HcwfI92FWkdSZ
user-name-format without-domain
nas-ip 10.123.161.1
#
radius dynamic-author server
client ip 192.168.222.192 key cipher $c$3$KNxbCQYq4Rn0oNh7CHZrwSt6c34fkEm97XBJ
#
domain h4c
authentication portal radius-scheme ndkey
authorization portal radius-scheme ndkey
accounting portal radius-scheme ndkey
#
domain system
#
domain default enable h4c
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$ey/uCDUk7m/eB+jx$0UepqE4Q46BMbZ7GrirRfhIUvBI/wLULX7YumphlgHk4EVos8RV4LZ8Ht7/TAlPXANTN5wWjwY+2k4jZguwKsA==
service-type telnet http https
authorization-attribute user-role network-admin
#
portal free-rule 1 source ip any destination ip 192.168.3.0 255.255.255.0
portal free-rule 2 source ip any destination ip 8.8.8.8 255.255.255.255
portal free-rule 3 source ip any destination ip 10.123.160.0 255.255.255.0
portal free-rule 4 source ip any destination ip 114.114.114.0 255.255.255.0
portal free-rule 5 source ip any destination ip 192.168.222.0 255.255.255.0
#
portal web-server am
url http://192.168.222.192:8080/am/portal/serviceId/SN1727240520/ac/H3CV7/ssid/ND_H3CV7_LY
server-type cmcc
url-parameter ssid ssid
url-parameter wlanacname value AC
url-parameter wlanuserip source-address
url-parameter wlanusermac source-mac
#
portal server am
ip 192.168.222.192 key cipher $c$3$i5xPYE7u5raqnCiogF0PONSz9EB6brmzDZn9
server-type cmcc
#
ip http enable
ip https enable
#
portal mac-trigger-server ndkey
ip 192.168.222.192
server-type cmcc
aaa-fail nobinding enable
#
wlan auto-ap enable
wlan auto-persistent enable
#
wlan global-configuration
firmware-upgrade enable
wlan ap-group default-group
vlan 1
#
wlan ap ap-01 model WA4320i-ACN
serial-id 210235A1GPC163001309
vlan 1
radio 1
radio enable
service-template 1
radio 2
radio enable
service-template 1
gigabitethernet 1
gigabitethernet 2
#
return
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
分享标题:H3CACV7在接口下配置Portal认证-创新互联
文章链接:http://scjbc.cn/article/pheij.html