鸿鹄论坛 › HCIA认证交流 › 华为AC6605与OSSH免费版华为Portal系统的对接

nicem6 发表于 2014-2-11 16:11:07

华为AC6605与OSSH免费版华为Portal系统的对接

OSSH免费版华为Portal系统支持华为Portal协议，能够跟市面上支持华为协议的设备进行对接，方便的实现Web Portal认证。下面我们介绍华为主流6605系列AC同OSSH免费版华为Portal的对接示例，仅供大家参考。网络拓扑如下：http://www.ossh.org/data/attachment/forum/201401/21/151443wvr5h0s5ch4g01qp.jpg
配置说明：1、将无线认证用户及设备划分到VLAN2014#vlan 2014 description user_vlan#2、配置Radius认证模板#radius-server templateradius_huaweiradius-servershared-key cipher %@%@,%+K=Sl9NOmxy2@J~"X//97v%@%@radius-serverauthentication 192.168.10.3 1812 weight 80radius-serveraccounting 192.168.10.3 1813 weight 80undo radius-serveruser-name domain-included##url-template nameurlTemplate_0#3、配置Portal认证对接的参数#web-auth-serverportalserver-ip192.168.10.3port 50100shared-key cipher%@%@qfU0XjxGk-{_|i"4x;<,/v~S%@%@urlhttp://192.168.10.3:8080/login.jspurl-templateurlTemplate_0user-sync#4、配置无线认证用户的地址池、网关及DNS#ip pool wifi_usergateway-list192.168.10.1 network 192.168.10.0mask255.255.255.0 excluded-ip-address192.168.10.1 192.168.10.40 lease day 0 hour 1minute 0 dns-list 8.8.8.8 #5、配置AAA模板#aaa authentication-scheme default authentication-scheme radius_huawei authentication-mode radius authorization-scheme default accounting-scheme default accounting-scheme radius_huawei accounting-mode radius domain default domain default_admin domain huawei.com authentication-scheme radius_huawei accounting-scheme radius_huawei radius-server radius_huawei local-user admin password cipher%@%@lA9^Vm7sN452P)V; local-user admin privilege level 15 local-user admin service-type telnet ssh ftpweb http#6、配置VLAN2014的地址以及在该Vlan中启用Portal认证#interfaceVlanif2014ip address 192.168.10.2255.255.255.0 web-auth-serverportal directdhcp select global#7、其他配置如下：#interfaceGigabitEthernet0/0/1port link-typeaccessport default vlan2014#interfaceGigabitEthernet0/0/2port link-typeaccessport default vlan2014##interfaceGigabitEthernet0/0/24port link-typetrunkport trunkallow-pass vlan 2014 to 2015#interfaceXGigabitEthernet0/0/1#interfaceXGigabitEthernet0/0/2#interface Wlan-Ess0port hybrid pvidvlan 2014undo port hybridvlan 1port hybriduntagged vlan 2014permit-domain namehuawei.comforce-domain namehuawei.com#interface Wlan-Ess1descriptionno_portalport hybrid pvidvlan 2014undo port hybridvlan 1port hybriduntagged vlan 2014#interface NULL0#ip route-static0.0.0.0 0.0.0.0 192.168.10.1#    以上即为OSSH免费版华为Portal系统与华为AC6605对接的示例，仅供大家参考，如有问题可以随时在官网发帖咨询！

查看完整版本: 华为AC6605与OSSH免费版华为Portal系统的对接