華爲AC6605與OSSH免費版華爲Portal系統的對

OSSH免費版華爲Portal系統支持華爲Portal協議，能夠跟市面上支持華爲協議的設備進行對接，方便的實現Web Portal認證。下面我們介紹華爲主流6605系列AC同OSSH免費版華爲Portal的對接示例，僅供大家參考。

網絡拓撲如下：

配置說明：

1、將無線認證用戶及設備劃分到VLAN2014

#

vlan 2014

description user_vlan

#

2、配置Radius認證模板

#

radius-server templateradius_huawei

radius-servershared-key cipher %@%@,%+K=Sl9NOmxy2@J~"X//97v%@%@

radius-serverauthentication 192.168.10.3 1812 weight 80

radius-serveraccounting 192.168.10.3 1813 weight 80

undo radius-serveruser-name domain-included

#

#

url-template nameurlTemplate_0

#

3、配置Portal認證對接的參數

#

web-auth-serverportal

server-ip192.168.10.3

port 50100

shared-key cipher%@%@qfU0XjxGk-{_|i"4x;<,/v~S%@%@

url http:  //192.168.10.3:8080/login.jsp

url-templateurlTemplate_0

user-sync

#

4、配置無線認證用戶的地址池、網關及DNS

#

ip pool wifi_user

gateway-list192.168.10.1

network 192.168.10.0 mask255.255.255.0

excluded-ip-address192.168.10.1 192.168.10.40

lease day 0 hour 1minute 0

dns-list 8.8.8.8

#

5、配置AAA模板

#

aaa

authentication-scheme default

authentication-scheme radius_huawei

authentication-mode radius

authorization-scheme default

accounting-scheme default

accounting-scheme radius_huawei

accounting-mode radius

domain default

domain default_admin  

domain huawei.com  

authentication-scheme radius_huawei

accounting-scheme radius_huawei

radius-server radius_huawei

local-user admin password cipher%@%@lA9^Vm7sN452P)V;[5<Fcc>(%@%@

local-user admin privilege level 15

local-user admin service-type telnet ssh ftpweb http

#

6、配置VLAN2014的地址以及在該Vlan中啓用Portal認證

#

interfaceVlanif2014

ip address 192.168.10.2255.255.255.0

web-auth-serverportal direct

dhcp select global

#

7、其他配置如下：

#

interfaceGigabitEthernet0/0/1

port link-typeaccess

port default vlan2014

#

interfaceGigabitEthernet0/0/2

port link-typeaccess

port default vlan2014

#

#

interfaceGigabitEthernet0/0/24

port link-typetrunk

port trunkallow-pass vlan 2014 to 2015

#

interfaceXGigabitEthernet0/0/1

#

interfaceXGigabitEthernet0/0/2

#

interface Wlan-Ess0

port hybrid pvidvlan 2014

undo port hybridvlan 1

port hybriduntagged vlan 2014

permit-domain namehuawei.com

force-domain namehuawei.com

#

interface Wlan-Ess1

descriptionno_portal

port hybrid pvidvlan 2014

undo port hybridvlan 1

port hybriduntagged vlan 2014

#

interface NULL0

#

ip route-static0.0.0.0 0.0.0.0 192.168.10.1

#

以上即爲OSSH免費版華爲Portal系統與華爲AC6605對接的示例，僅供大家參考，如有問題可以隨時聯繫我們，QQ羣：195323074  羣內有下載地址。