H3C ICG2000B 对接 OpenPortal 实现WEB Portal认证教程
#
version 5.20, Release 2511P02
#
sysname ER
#
clock timezone Beijing add 08:00:00
#
domain default enable linsen.com
#
telnet server enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
portal server portal ip 192.168.106.128 key cipher $c$3$2I6HChCLPZzThGj5+2cT5m+5CwC4d5sSlg== url http://192.168.106.128
portal free-rule 1 source ip any destination ip 192.168.100.240 mask 255.255.255.255
portal free-rule 2 source ip any destination ip 192.168.106.128 mask 255.255.255.255
portal free-rule 3 source ip any destination ip 114.114.114.114 mask 255.255.255.255
portal server portal server-detect method http action permit-all interval 600 retry 5
#
password-recovery enable
#
vlan 1
#
vlan 100 to 102
#
vlan 106
#
radius scheme rad
server-type extended
primary authentication 192.168.106.128
primary accounting 192.168.106.128
key authentication cipher $c$3$G2POzB7qn/HAVuHj+A+1fSqdxVOyUQ5xow==
key accounting cipher $c$3$xiW6U4WH4BNCBCY899BOf3lY/cWQerqJ4Q==
user-name-format without-domain
#
domain linsen.com
authentication portal radius-scheme rad
authorization portal radius-scheme rad
accounting portal radius-scheme rad
access-limit disable
state active
idle-cut disable
self-service-url disable
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool ap
network 192.168.100.0 mask 255.255.255.0
gateway-list 192.168.100.254
#
dhcp server ip-pool free
network 192.168.101.0 mask 255.255.255.0
gateway-list 192.168.101.254
dns-list 192.168.100.240
#
dhcp server ip-pool free2
network 192.168.102.0 mask 255.255.255.0
gateway-list 192.168.102.254
dns-list 192.168.100.240
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$akHlLDH3iUX1HqTH4luuIhnByVHHiujp6ZrNSA==
authorization-attribute level 3
service-type telnet
service-type web
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
cwmp
undo cwmp enable
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
#
interface Ethernet0/0
port link-mode route
#
interface Ethernet0/1
port link-mode route
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.1 255.255.255.0
#
interface Vlan-interface100
ip address 192.168.100.254 255.255.255.0
#
interface Vlan-interface101
ip address 192.168.101.254 255.255.255.0
portal server portal method direct
#
interface Vlan-interface102
ip address 192.168.102.254 255.255.255.0
portal server portal method direct
portal domain linsen.com
#
interface Vlan-interface106
ip address 192.168.106.2 255.255.255.0
#
interface Ethernet0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 100 to 102
#
interface Ethernet0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 101
#
interface Ethernet0/4
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 100
port trunk pvid vlan 100
#
interface Ethernet0/5
port link-mode bridge
port access vlan 106
#
interface WLAN-Radio2/0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.240
#
dhcp server forbidden-ip 192.168.101.254
dhcp server forbidden-ip 192.168.100.254
dhcp server forbidden-ip 192.168.102.254
dhcp server forbidden-ip 192.168.100.240
#
dhcp enable
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
user privilege level 3
set authentication password cipher $c$3$TWUiYn/HbIKtO+oWnIwUrkk5mz2HztMsB8radw==
#
return
|
|