创建domain域:
domain portal
authorization-attribute idle-cut 15 1024
authorization-attribute user-profile cwytest1 //在domain域下面绑定user-profile cwytes1
authentication portal local
authorization portal local //这一步一定要选择local
accounting portal none
创建domain域:
domain portal1
authorization-attribute idle-cut 15 1024
authorization-attribute user-profile cwytest2 //在domain域下面绑定user-profile cwytes2
authentication portal local
authorization portal local //这一步一定要选择local
accounting portal none
配置portal的web服务:
portal web-server newpt
url http://10.40.92.1/portal
创建无线服务模板portal:
wlan service-template portal
ssid test123
vlan 100
client forwarding-location ap
portal enable method direct
portal domain portal
portal apply web-server newpt
service-template enable
创建无线服务模板portal1
wlan service-template portal1
ssid test1234
vlan 100
client forwarding-location ap
portal enable method direct
portal domain portal1
portal apply web-server newpt
service-template enable
创建user-profile cwytest1
user-profile cwytest1
wlan permit-ssid test123 //在user-profile下面只允许test123信号
创建user-profile cwytest2
user-profile cwytest2
wlan permit-ssid test1234 //在user-profile下面只允许test123信号
创建本地portal用户:
local-user cwytest1 class network
password simple client@12345
service-type portal
authorization-attribute user-profile cwytest1 //在用户下面关联相关的user-profile属性
authorization-attribute user-role network-operator
local-user cwytest2 class network
password simple client@12345
service-type portal
authorization-attribute user-profile cwytest2 //在用户下面关联相关的user-profile属性
authorization-attribute user-role network-operator
在配置domain的时候认证需要选择本地:
domain portal1
authorization-attribute idle-cut 15 1024
authorization-attribute user-profile cwytest2 //在domain域下面绑定user-profile cwytes2
authentication portal local
authorization portal local //这一步一定要选择local
accounting portal none
测试结果:
连接ssid test123,使用用户cwytest2用户进行认证,无法认证成功拒绝接入,使用cwytest1用户登陆正常
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作