admin 发表于 2019-2-26 12:15:38

H3C-WX2510H Portal mac-trigger 认证配置

H3C-WX2510H Portal mac-trigger 认证对接OpenPortal配置



<H3C-WX2510H>sys
System View: return to User View with Ctrl+Z.
dis cur
#
version 7.1.064, Release 5226
#
sysname H3C-WX2510H
#
telnet server enable
#
dialer-group 1 rule ip permit
#
dhcp enable
#
password-recovery enable
#
vlan 1
#
vlan 100
#
vlan 200
#
dhcp server ip-pool wlan
gateway-list 172.16.0.1
network 172.16.0.0 mask 255.255.255.0
dns-list 118.118.118.9 202.98.192.67
forbidden-ip 172.16.0.1
forbidden-ip 172.16.0.10
#
interface Dialer0
ppp chap password simple 888888
ppp chap user 0851888888
dialer bundle enable
dialer-group 1
dialer timer idle 0
dialer timer autodial 60
ip address ppp-negotiate
nat outbound
#
interface NULL0
#
interface Vlan-interface100
ip address 192.168.0.20 255.255.255.0
nat outbound
undo dhcp select server
#
interface Vlan-interface200
ip address 172.16.0.1 255.255.255.0
dhcp server apply ip-pool wlan
portal enable method direct
portal domain portal
portal bas-ip 192.168.0.20
portal fail-permit server portal
portal apply web-server portal
portal apply mac-trigger-server portal
portal fail-permit web-server
portal outbound-filter enable
#
interface GigabitEthernet1/0/5
port link-mode route
description wan
shutdown
pppoe-client dial-bundle-number 0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 200 untagged
port hybrid pvid vlan 200
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 100
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 100
#
interface GigabitEthernet1/0/4
port link-mode bridge
port access vlan 100
#
scheduler logfile size 16
#
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 31
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 192.168.0.254
ip route-static 0.0.0.0 0 Dialer0 preference 100
#
undo info-center logfile enable
#
acl advanced 3000
rule 0 deny ip destination 47.92.229.57 0
rule 10 permit ip
#
radius session-control enable
radius nas-ip 192.168.0.20
#
radius scheme portal
primary authentication 192.168.0.1
primary accounting 192.168.0.1
key authentication simple portal
key accounting simple portal
timer realtime-accounting 5
user-name-format without-domain
nas-ip 192.168.0.20
#            
radius dynamic-author server
client ip 192.168.0.1 key simple portal
#
domain portal
authorization-attribute idle-cut 600 10240
authentication portal radius-scheme portal
authorization portal radius-scheme portal
accounting portal radius-scheme portal
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#            
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password simple admin
service-type telnet http https
authorization-attribute user-role network-admin
#
portal nas-port-id format 4
portal host-check enable
portal free-rule 0 source ip 192.168.0.1 255.255.255.255 destination ip any
portal free-rule 1 source ip any destination ip 192.168.0.1 255.255.255.255
portal free-rule 10 source ip 114.114.114.114 255.255.255.255 destination ip any
portal free-rule 11 source ip any destination ip 114.114.114.114 255.255.255.255
portal free-rule 12 source ip 118.118.118.9 255.255.255.255 destination ip any
portal free-rule 13 source ip any destination ip 118.118.118.9 255.255.255.255
portal free-rule 14 source ip 118.118.118.7 255.255.255.255 destination ip any
portal free-rule 15 source ip any destination ip 118.118.118.7 255.255.255.255
portal free-rule 16 source ip 202.98.198.167 255.255.255.255 destination ip any
portal free-rule 17 source ip any destination ip 202.98.198.167 255.255.255.255
portal free-rule 18 source ip 202.98.192.67 255.255.255.255 destination ip any
portal free-rule 19 source ip any destination ip 202.98.192.67 255.255.255.255
#
portal web-server portal
url http://192.168.0.1/html_phone_all/index.html
server-detect interval 60 retry 2 trap
server-type cmcc
url-parameter basip value 192.168.0.20
url-parameter mac source-mac
url-parameter url original-url
url-parameter vlan vlan
url-parameter wlanuserip source-address
#
portal server portal
ip 192.168.0.1 key simple portal
server-detect trap
server-type cmcc
#
ip http enable
ip https enable
#
portal mac-trigger-server portal
ip 192.168.0.1 key simple portal
server-type cmcc
binding-retry 1
aaa-fail nobinding enable
#
wlan global-configuration
#
wlan ap-group default-group
vlan 1
#
return





页: [1]
查看完整版本: H3C-WX2510H Portal mac-trigger 认证配置