Huawei 5700 switch issues with external open source Protal and local AAA user authentication

HTTP://SUPPORT.HUAWEI.COM/ECOMMUNITY/BBS/10178271.HTML?P=1#P0 Huawei 5700 switches through external open source Protal and local AAA user authentication issues

You:

Hello, I am through a Huawei 5700 switch and a portal server, want to take advantage of the local AAA authentication switch, to complete the user's online authentication. Once configured, the user can go to the portal page, but the authentication cannot pass, the configuration is as follows:

I. Configuration of the Portal Server (open source portal software ossh)

Installing the JRE

1), first through SSH link to the installation server, download the Java installation package file:

wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=81812

2), unzip the installation package: TAR–ZXVF jre-7u45-linux-x64.tar.gz

3), move the file to the specified directory: MV./jre1.7.0_45/usr/local/jre

Set up links for easy upgrade: LN–S/USR/LOCAL/JRE1.7.0_45/USR/LOCAL/JRE

Set Environment variables:
Vi/etc/profile

At the very end, add the following:

Jre_home=/usr/local/jre

Classpath=.: $JRE _home/lib/rt.jar: $JRE _home/lib/dt.jar: $JRE _home/lib/tools.jar

Path= $PATH: $JRE _home/bin

Export Jre_home CLASSPATH Path free Huawei external Portal Certification configuration Manual

After saving VI, close the current SSH window and open the new SSH window input: java–version

If the following information appears, the installation is successful:

Java Version "1.7.0_45"

Java (TM) SE Runtime Environment (build 1.7.0_45-b18)

Java HotSpot (TM) 64-bit Server VM (build 24.45-b08, Mixed mode)

Installing Portalserver

1), unzip the portal installation files:

TAR–ZXVF./portalserver_2013-12-26.tar.gz

2), move the file to the specified directory: MV./portalserver/usr/local

3), edit the configuration file: VI

/usr/local/portalserver/webapps/portalserver/web-inf/classes/configs.prod.properties

Modify the following content:

achost=45.1.100.2//address of the AC server (switch upstream port)

acport=2000//ports that communicate with the AC server

Sharedsecret=hoyme

authtype=0//authentication method CHAP is 0 PAP for 1

timeoutsec=3//message Send timeout, default is 3, per second

Save after modification, note: Each time you modify the configuration file, you need to restart the Portalserver service before you can

4), Start Portalserver service, execute:

/usr/local/portalserver/bin/startup.sh

After waiting a few moments, launch the local browser, enter http://45.1.100.2:8088, and successfully appear the login screen:

Second, switch configuration

1.web-server Configuration

2. Release DNS

3. Binding to the User VLAN

4. Create AAA users to complete Web authentication

5. Test results (traffic to any website is redirected to mandatory authentication on the Poral page)

But I did not enable RADIUS to do user database, leverage the switch AAA database and feel as if it was not successful

View debugging information as follows:

<manage-converged>debugging Web Packet

<manage-converged>terminal debugging

Info:current terminal debugging is on.

<manage-converged>terminal Monitor

Info:current terminal Monitor is on.

Please, how is this going to be guided? Thank you.

Start the Portalserver service and execute:

/usr/local/portalserver/bin/startup.sh

Huawei 5700 switch issues with external open source Protal and local AAA user authentication