HTTP://SUPPORT.HUAWEI.COM/ECOMMUNITY/BBS/10178271.HTML?P=1#P0 Huawei 5700 switches through external open source Protal and local AAA user authentication issues
You:
Hello, I am through a Huawei 5700 switch and a portal server, want to take advantage of the local AAA authentication switch, to complete the user's online authentication. Once configured, the user can go to the portal page, but the authentication cannot pass, the configuration is as follows:
I. Configuration of the Portal Server (open source portal software ossh)
Installing the JRE
1), first through SSH link to the installation server, download the Java installation package file:
wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=81812
2), unzip the installation package: TAR–ZXVF jre-7u45-linux-x64.tar.gz
3), move the file to the specified directory: MV./jre1.7.0_45/usr/local/jre
Set up links for easy upgrade: LN–S/USR/LOCAL/JRE1.7.0_45/USR/LOCAL/JRE
Set Environment variables:
Vi/etc/profile
At the very end, add the following:
Jre_home=/usr/local/jre
Classpath=.: $JRE _home/lib/rt.jar: $JRE _home/lib/dt.jar: $JRE _home/lib/tools.jar
Path= $PATH: $JRE _home/bin
Export Jre_home CLASSPATH Path free Huawei external Portal Certification configuration Manual
After saving VI, close the current SSH window and open the new SSH window input: java–version
If the following information appears, the installation is successful:
Java Version "1.7.0_45"
Java (TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot (TM) 64-bit Server VM (build 24.45-b08, Mixed mode)
Installing Portalserver
1), unzip the portal installation files:
TAR–ZXVF./portalserver_2013-12-26.tar.gz
2), move the file to the specified directory: MV./portalserver/usr/local
3), edit the configuration file: VI
/usr/local/portalserver/webapps/portalserver/web-inf/classes/configs.prod.properties
Modify the following content:
achost=45.1.100.2//address of the AC server (switch upstream port)
acport=2000//ports that communicate with the AC server
Sharedsecret=hoyme
authtype=0//authentication method CHAP is 0 PAP for 1
timeoutsec=3//message Send timeout, default is 3, per second
Save after modification, note: Each time you modify the configuration file, you need to restart the Portalserver service before you can
4), Start Portalserver service, execute:
/usr/local/portalserver/bin/startup.sh
After waiting a few moments, launch the local browser, enter http://45.1.100.2:8088, and successfully appear the login screen:
Second, switch configuration
1.web-server Configuration
2. Release DNS
3. Binding to the User VLAN
4. Create AAA users to complete Web authentication
5. Test results (traffic to any website is redirected to mandatory authentication on the Poral page)
But I did not enable RADIUS to do user database, leverage the switch AAA database and feel as if it was not successful
View debugging information as follows:
<manage-converged>debugging Web Packet
<manage-converged>terminal debugging
Info:current terminal debugging is on.
<manage-converged>terminal Monitor
Info:current terminal Monitor is on.
Please, how is this going to be guided? Thank you.
Start the Portalserver service and execute:
/usr/local/portalserver/bin/startup.sh
Huawei 5700 switch issues with external open source Protal and local AAA user authentication