Configuring Built-in Portal Authentication
[Problem Analysis]
Answer customer problem
[Root Cause]
Answer customer problem
[Solution Description]
- #
sysname AC
#
http secure-server ssl-policy default_policy
http server enable
#
portal local-server ip 10.23.100.3
portal local-server https ssl-policy default_policy port 20000
#
vlan batch 100 to 101
#
authentication-profile name wlan-net
portal-access-profile wlan-net
free-rule-template default_free_rule
authentication-scheme wlan-net
#
dhcp enable
#
pki realm abc
pki import-certificate local realm abc pem filename abc_local.pem
pki import-certificate ca realm abc pem filename abc_ca.pem
pki import rsa-key-pair key1 pem privatekey.pem password Huawei@123
#
ssl policy default_policy type server
pki-realm abc
version tls1.0 tls1.1 tls1.2
ciphersuite rsa_aes_128_sha256 rsa_aes_256_sha256
#
free-rule-template name default_free_rule
free-rule 1 destination ip 8.8.8.8 mask 255.255.255.255
#
portal-access-profile name wlan-net
portal local-server enable
#
aaa
authentication-scheme wlan-net
#
interface Vlanif100
ip address 10.23.100.1 255.255.255.0
dhcp select interface
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 to 101
#
interface LoopBack1
ip address 10.23.100.3 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.23.101.2
#
capwap source interface vlanif100
#
wlan
security-profile name wlan-net
ssid-profile name wlan-net
ssid wlan-net
vap-profile name wlan-net
forward-mode tunnel
service-vlan vlan-id 101
ssid-profile wlan-net
security-profile wlan-net
authentication-profile wlan-net
regulatory-domain-profile name default
ap-group name ap-group1
radio 0
vap-profile wlan-net wlan 1
radio 1
vap-profile wlan-net wlan 1
ap-id 0 type-id 35 ap-mac 60de-4476-e360 ap-sn 210235554710CB000042
ap-name area_1
ap-group ap-group1
#
return
