现在位置: 首页 / 无线 / 正文

无线本地Portal认证

网络拓扑:

AC+Fit AP 无线组网,采用集中转发,并开启本地portal认证;

11

配置步骤:

1、创建VLAN 添加端口,配置IP

[AC]int LoopBack  1                    //用于本地portal的地址;
[AC-LoopBack1]ip address  1.1.1.1 32
[AC] vlan 10
[AC-vlan10] port GigabitEthernet1/0/1
[AC-vlan10] int vlan 10
[AC-Vlan-interface10] ip address  10.1.1.1 24
[AC-vlan20]int vlan 20
[AC-Vlan-interface20] ip address  20.1.1.1 24

2、配置DHCP:AP注册获取地址池 ;无线用户上线的地址池

[AC]dhcp server ip-pool ap
[AC-dhcp-pool-ap] gateway-list 10.1.1.1
[AC-dhcp-pool-ap] network 10.1.1.0 mask 255.255.255.0
[AC]dhcp server ip-pool user
[AC-dhcp-pool-user] gateway-list 20.1.1.1
[AC-dhcp-pool-user] network 20.1.1.0 mask 255.255.255.0
[AC-dhcp-pool-user] dns-list 8.8.8.8

3、AP注册上线

[AC]wlan ap ap1 model WA6320-SI
[AC-wlan-ap-ap1] serial-id 219801A2N18219E014XR

4、配置本地portal服务

[AC]portal web-server 1
[AC-portal-websvr-1] url http://1.1.1.1/portal
[AC]portal local-web-server http 
[AC-portal-local-websvr-http] default-logon-page defaultfile.zip
[AC]portal local-web-server https 
[AC-portal-local-websvr-https] default-logon-page defaultfile.zip

1

5、创建无线服务模板

[AC]wlan service-template 1
[AC-wlan-st-1] ssid H3C
[AC-wlan-st-1] vlan 20
[AC-wlan-st-1] portal enable method direct
[AC-wlan-st-1] portal apply web-server 1
[AC-wlan-st-1] service-template enable

6、AP下射频发布,绑定模板

[AC]wlan ap ap1 model WA6320-SI 
[AC-wlan-ap-ap1] serial-id 219801A2N18219E014XR
[AC-wlan-ap-ap1] vlan 1
[AC-wlan-ap-ap1-vlan1] radio 1
[AC-wlan-ap-ap1-radio-1]  radio enable
[AC-wlan-ap-ap1-radio-1]  service-template 1
[AC-wlan-ap-ap1-radio-1] radio 2
[AC-wlan-ap-ap1-radio-2] gigabitethernet 1

7、添加本地用户

[AC]local-user yige class network
[AC-luser-network-yige] password cipher 123
[AC-luser-network-yige] service-type portal

8、测试 通过portal 认证上线客户端

[AC]dis portal user  all
Total portal users: 1
Username: yige
  AP name: ap1
  Radio ID: 1
  SSID: H3C
  Portal server: N/A
  State: Online
  VPN instance: N/A
  MAC             IP                    VLAN    Interface                       
  34c9-3db2-d9d7  20.1.1.2              20      WLAN-BSS1/0/1                   
  Authorization information:
    DHCP IP pool: N/A
    User profile: N/A
    Session group profile: N/A
    ACL number: N/A
    Inbound CAR: N/A
    Outbound CAR: N/A
    Web URL: N/A

3

4