华为S5700对接OpenPortal Portal协议WEB认证WIFI认证系统+磊科普通无线路由器 配置...
光猫+自动拨号TP-Link小路由当上层设备+华为S5700对接OpenPortal Portal协议WEB认证WIFI认证系统+磊科普通无线路由器 配置实例Version V200R001C00SPC300 版本不支持携带URL参数
#
!Software Version V200R001C00SPC300
sysname LeeSon-SW
#
undo info-center enable
#
dns resolve
dns server 118.118.118.7
dns server 202.100.199.8
dns server 114.114.114.114
#
vlan batch 10 100
#
web-auth-server version v2
portal free-rule 0 source ip 192.168.0.1 mask 255.255.255.255
portal free-rule 1 destination ip 192.168.0.1 mask 255.255.255.255
portal free-rule 2 source ip 192.168.0.254 mask 255.255.255.255
portal free-rule 3 destination ip 192.168.0.254 mask 255.255.255.255
portal free-rule 4 destination ip 118.118.118.7 mask 255.255.255.255
portal free-rule 5 source ip 118.118.118.7 mask 255.255.255.255
portal free-rule 6 source ip 114.114.114.114 mask 255.255.255.255
portal free-rule 7 destination ip 114.114.114.114 mask 255.255.255.255
portal free-rule 8 destination ip 202.100.199.8 mask 255.255.255.255
portal free-rule 9 source ip 202.100.199.8 mask 255.255.255.255
portal free-rule 10 source ip 192.168.0.2 mask 255.255.255.255
portal free-rule 11 destination ip 192.168.0.2 mask 255.255.255.255
portal free-rule 12 destination ip 192.168.0.10 mask 255.255.255.255
portal free-rule 13 source ip 192.168.0.10 mask 255.255.255.255
portal free-rule 14 source ip 192.168.0.250 mask 255.255.255.255
portal free-rule 15 destination ip 192.168.0.250 mask 255.255.255.255
portal free-rule 16 destination ip 140.240.184.133 mask 255.255.255.255
portal free-rule 17 source ip 140.240.184.133 mask 255.255.255.255
portal free-rule 18 destination ip 118.118.118.7 mask 255.255.255.255 source any
portal free-rule 19 destination any source interface GigabitEthernet0/0/4
#
http server load s5700si-v200r001c00.001.web.zip
#
dhcp enable
#
radius-server template radius
radius-server shared-key simple LeeSon
radius-server authentication 192.168.0.1 1812
radius-server accounting 192.168.0.1 1813
radius-server retransmit 2
#
web-auth-server openportal
server-ip 192.168.0.1
port 50100
shared-key cipher %$%$!,1mT4sLzWV\$fECI"KEy-$x%$%$
url http://192.168.0.1
#
aaa
authentication-scheme default
authentication-scheme radius
authentication-mode radius
authorization-scheme default
accounting-scheme default
accounting-scheme radius
accounting-mode radius
domain default
domain default_admin
domain leeson.com
authentication-scheme radius
accounting-scheme radius
radius-serverradius
local-user admin password cipher %$%$O9hP7mbf4Q#E\vU4j#wX3ypg%$%$
local-user admin service-type http
local-user leeson password cipher %$%$O=R4~lG)}EEN<c.0DQ\Ly4+"%$%$
local-user leeson privilege level 15
#
interface Vlanif10
ip address 10.0.0.1 255.255.255.0
#
interface Vlanif100
ip address 192.168.0.250 255.255.255.0
web-auth-server openportal direct
portal domain leeson.com
dhcp select relay
dhcp relay server-ip 192.168.0.254
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/7
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/8
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/9
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/10
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/11
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/12
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/13
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/14
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/15
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/16
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/17
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/18
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/19
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/20
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/21
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/22
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/23
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 10
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/4
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$)L,GTX+8I.;5Q~@"&DpX,RI@CS9j,%=Sl5!rRC*r4x9J"XOJ%$%$
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
user-interface vty 16 20
#
port-group alle
group-member GigabitEthernet0/0/1
group-member GigabitEthernet0/0/2
group-member GigabitEthernet0/0/3
group-member GigabitEthernet0/0/4
group-member GigabitEthernet0/0/5
group-member GigabitEthernet0/0/6
group-member GigabitEthernet0/0/7
group-member GigabitEthernet0/0/8
group-member GigabitEthernet0/0/9
group-member GigabitEthernet0/0/10
group-member GigabitEthernet0/0/11
group-member GigabitEthernet0/0/12
group-member GigabitEthernet0/0/13
group-member GigabitEthernet0/0/14
group-member GigabitEthernet0/0/15
group-member GigabitEthernet0/0/16
group-member GigabitEthernet0/0/17
group-member GigabitEthernet0/0/18
group-member GigabitEthernet0/0/19
group-member GigabitEthernet0/0/20
group-member GigabitEthernet0/0/21
group-member GigabitEthernet0/0/22
group-member GigabitEthernet0/0/23
group-member GigabitEthernet0/0/24
#
return
S5700升级后,Version V200R005C00SPC500 支持携带参数
#
sysname LeeSon-SW
#
undo info-center enable
#
dns resolve
dns server 118.118.118.7
dns server 202.100.199.8
dns server 114.114.114.114
#
vcmp role silent
#
vlan batch 10 100
#
lnp disable
#
undo authentication unified-mode
#
domain leeson.com
#
telnet server enable
telnet ipv6 server enable
#
http server load s5700si-v200r005c00spc500.web.7z
#
undo management-port isolate enable
undo management-plane isolate enable
#
dhcp enable
#
radius-server template radius
radius-server shared-key cipher %@%@P>*mOKaAQNNV70Op&:K9s&8m%@%@
radius-server authentication 192.168.0.1 1812 weight 80
radius-server accounting 192.168.0.1 1813 weight 80
radius-server retransmit 2
#
url-template name openportal
url http://192.168.0.1
url-parameter user-mac mac redirect-url url sysname nasname user-ipaddress wlanuserip
url-parameter mac-address format delimiter : normal
#
web-auth-server openportal
server-ip 192.168.0.1
port 50100
shared-key cipher %@%@D|-|-2Wpt$c0bd]d".>))%@%@
url http://192.168.0.1
url-template openportal
#
aaa
authentication-scheme default
authentication-scheme radius
authentication-mode radius
authorization-scheme default
accounting-scheme default
accounting-scheme radius
accounting-mode radius
domain default
domain default_admin
domain leeson.com
authentication-scheme radius
accounting-scheme radius
radius-server radius
local-user admin password irreversible-cipher %@%@i5+*Q]e1jOIgu.)+>.E!o7rL!tS)&6q{1=C&;v5uA!Z)7rOo%@%@
local-user admin privilege level 15
local-user admin service-type telnet http
local-user leeson password irreversible-cipher %@%@n2R,AhiG/R1#c>>jL1u/p1BGlJZV~O,$L#yD84&o~8>81BJp%@%@
local-user leeson privilege level 15
local-user leeson service-type telnet http
local-user lishuo password irreversible-cipher %@%@GY2h3cG!o4_dr(*WnBo%WH1kDBSq/"YW9-p\aa-whY/<H1nW%@%@
local-user lishuo privilege level 15
local-user lishuo service-type telnet http
#
interface Vlanif10
ip address 10.0.0.1 255.255.255.0
#
interface Vlanif100
ip address 192.168.0.250 255.255.255.0
web-auth-server openportal direct
dhcp select relay
dhcp relay server-ip 192.168.0.254
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/7
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/8
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/9
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/10
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/11
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/12
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/13
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/14
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/15
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/16
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/17
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/18
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/19
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/20
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/21
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/22
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/23
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 10
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/4
#
ssh server compatible-ssh1x enable
#
web-auth-server version v2
portal free-rule 0 source ip 192.168.0.1 mask 255.255.255.255
portal free-rule 1 destination ip 192.168.0.1 mask 255.255.255.255
portal free-rule 2 source ip 192.168.0.254 mask 255.255.255.255
portal free-rule 3 destination ip 192.168.0.254 mask 255.255.255.255
portal free-rule 4 destination ip 118.118.118.7 mask 255.255.255.255
portal free-rule 5 source ip 118.118.118.7 mask 255.255.255.255
portal free-rule 6 source ip 114.114.114.114 mask 255.255.255.255
portal free-rule 7 destination ip 114.114.114.114 mask 255.255.255.255
portal free-rule 8 destination ip 202.100.199.8 mask 255.255.255.255
portal free-rule 9 source ip 202.100.199.8 mask 255.255.255.255
portal free-rule 10 source ip 192.168.0.2 mask 255.255.255.255
portal free-rule 11 destination ip 192.168.0.2 mask 255.255.255.255
portal free-rule 12 destination ip 192.168.0.10 mask 255.255.255.255
portal free-rule 13 source ip 192.168.0.10 mask 255.255.255.255
portal free-rule 14 source ip 192.168.0.250 mask 255.255.255.255
portal free-rule 15 destination ip 192.168.0.250 mask 255.255.255.255
portal free-rule 16 destination ip 140.240.184.133 mask 255.255.255.255
portal free-rule 17 source ip 140.240.184.133 mask 255.255.255.255
portal free-rule 18 destination ip 118.118.118.7 mask 255.255.255.255 source any
portal free-rule 19 destination any source interface GigabitEthernet0/0/4
#
user-interface con 0
authentication-mode password
set authentication password cipher @%@%!'"/22O3L7H\t(M>:R4Myy=itER,GfG*U!`UKbWqOC6Oy=ly@%@%
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
protocol inbound all
user-interface vty 16 20
protocol inbound telnet
#
port-group alle
group-member GigabitEthernet0/0/1
group-member GigabitEthernet0/0/2
group-member GigabitEthernet0/0/3
group-member GigabitEthernet0/0/4
group-member GigabitEthernet0/0/5
group-member GigabitEthernet0/0/6
group-member GigabitEthernet0/0/7
group-member GigabitEthernet0/0/8
group-member GigabitEthernet0/0/9
group-member GigabitEthernet0/0/10
group-member GigabitEthernet0/0/11
group-member GigabitEthernet0/0/12
group-member GigabitEthernet0/0/13
group-member GigabitEthernet0/0/14
group-member GigabitEthernet0/0/15
group-member GigabitEthernet0/0/16
group-member GigabitEthernet0/0/17
group-member GigabitEthernet0/0/18
group-member GigabitEthernet0/0/19
group-member GigabitEthernet0/0/20
group-member GigabitEthernet0/0/21
group-member GigabitEthernet0/0/22
group-member GigabitEthernet0/0/23
group-member GigabitEthernet0/0/24
#
return
页:
[1]