WX3510H portal认证终端跳不出认证页面
- 0关注
- 0收藏,741浏览
问题描述:
portal enable method direct
portal domain hailiang-guest
portal apply web-server http://172.16.20.250:8080/portal
service-template enable
组网及组网描述:
WX
- 2022-11-18提问
- 举报
-
(0)
最佳答案
提供的信息太少,看这配置,没配置bas-ip
# 在无线服务模板st1上设置发送给Portal认证服务器的Portal报文中的BAS-IP属性值为AC 地址
[AC-wlan-st-st1] portal bas-ip xxxx
- 2022-11-18回答
- 评论(1)
- 举报
-
(0)
<H3C>display cu <H3C>display current-configuration # version 7.1.064, Release 5229 # sysname H3C # wlan band-navigation enable # telnet server enable # irf mac-address persistent timer irf auto-update enable irf auto-merge enable irf member 1 priority 1 # dot1x dot1x authentication-method eap # dhcp enable dhcp relay client-information record undo dhcp relay client-information refresh enable # password-recovery enable # vlan 1 # vlan 2 to 10 # vlan 20 # irf-port 1 # wlan service-template 1 ssid office vlan 2 client max-count 2007 akm mode dot1x cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa client-security authentication-mode dot1x dot1x domain ***.*** service-template enable # wlan service-template 2 ssid machine vlan 4 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$2nKdmOyMjELUCQScsVRGV2L6INXcLfo/H21Pe3w= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template 3 ssid guest vlan 20 client max-count 2007 portal enable method direct portal domain hailiang-guest portal apply web-server http://172.16.20.250:8080/portal service-template enable # wlan service-template 4 ssid WORK vlan 6 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$5PEd4KO4XLnrU13XMewrn1KSAbvqnZDDShwaQAo= cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template sh-it ssid SHHL vlan 2 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$JCWhFAEa7N75hZPppiQmVmy1wGY2mgONgS1B4MA= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # interface Bridge-Aggregation1 port link-type trunk port trunk permit vlan all # interface NULL0 # interface Vlan-interface2 ip address 172.16.0.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface4 ip address 172.16.2.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface10 ip address 172.16.10.20 255.255.255.0 dhcp select relay dhcp relay server-address 172.16.10.1 # interface Vlan-interface20 ip address 172.16.20.250 255.255.255.0 dhcp relay server-address 172.16.7.11 portal enable method direct portal bas-ip 2.2.2.1 portal apply web-server RZ # interface GigabitEthernet1/0/1 port access vlan 10 # interface GigabitEthernet1/0/2 port access vlan 20 # interface GigabitEthernet1/0/3 # interface GigabitEthernet1/0/4 # interface GigabitEthernet1/0/5 # interface GigabitEthernet1/0/6 # interface GigabitEthernet1/0/7 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface GigabitEthernet1/0/8 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # scheduler logfile size 16 # line class console user-role network-admin # line class vty user-role network-operator # line con 0 user-role network-admin # line vty 0 31 authentication-mode scheme user-role network-operator # ip route-static 0.0.0.0 0 172.16.10.1 # undo info-center logfile enable # radius session-control enable # radius scheme "hl office" primary authentication 172.16.7.13 key cipher $c$3$d1pSGze9RWl9E5bTfbsBmhnbS8Y7y4tHbw== primary accounting 172.16.7.13 key cipher $c$3$O8ehCxJ9HqaQZirJvSg8M0hHao0q8vB2Ag== secondary authentication 172.16.7.12 key cipher $c$3$OfuOVDomwIl8id24Gwf6a1jDpiP3aL5tsg== secondary accounting 172.16.7.12 key cipher $c$3$hsi5ISVHRDAoaEHIBD5p+EENbKqtbjCHDw== # radius scheme office primary authentication 172.16.7.13 key cipher $c$3$v1VnEQR8BAXR6d6C657ASemm2nDMnfi1UA== primary accounting 172.16.7.13 key cipher $c$3$f2gc7kfCrAj4EELCnQpy6fDXVdMzDGoogA== # radius scheme portal primary authentication 172.16.10.20 key cipher $c$3$p3PlZ25WOif6EMbIlrepIB0ooJtD5Iz0tw== user-name-format without-domain # domain hailiang-guest authentication portal local authorization portal none accounting portal none # domain ***.*** authentication lan-access radius-scheme office authorization lan-access radius-scheme office accounting lan-access radius-scheme office # domain office # domain office1 # domain portal11 authentication portal local authorization portal none accounting portal none # domain system # domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user admin class manage password hash $h$6$36xLJwTT5UZLQE5N$e6LriWZVGLy3JEwn8+NyJpwvmJVExAz1B2GPbNhTb59UXtr+h60IqDBzEgjtOfWVjk1IH4fhs5H33simRaVmbw== service-type telnet http https authorization-attribute user-role network-admin # local-user test1 class manage password hash $h$6$pSryoJWEGOjPwLL4$Tb+KpzKsDzpWJOS3clUJFEXKNT7y1epXron92MMvOjwFtdo/5Gz6US2Qk/VAtawq8T9qPZKWqeU71Wv29h2hew== service-type ftp authorization-attribute user-role network-operator # local-user admin class network password cipher $c$3$w6HUyT8z7ztYApyaRvAwPCsu/SuSfRRH access-limit 222 service-type portal bind-attribute location interface Vlan-interface20 authorization-attribute user-role network-operator # local-user guest01 class network password cipher $c$3$7H1t7sy7ZFcQnpVWLT7Qqau8JAFuqzf4Lw== service-type portal authorization-attribute user-role network-operator # local-user it01 class network password cipher $c$3$JjMSM4MdVD6YLdc21JJGWg4AcM94EA== service-type lan-access authorization-attribute user-role network-operator # local-user test class network password cipher $c$3$LAL3AupvcwV5chpWFUemFXfyfj2W4Ll5PA== service-type portal authorization-attribute user-role network-operator # ftp server enable # portal host-check enable portal free-rule 1 destination ip 192.168.20.0 255.255.255.0 portal free-rule 1 description ip 172.16.20.0 255.255.255.0 portal free-rule 2 destination ip 172.16.7.0 255.255.255.0 portal free-rule 3 destination ip 172.16.20.0 255.255.255.0 portal free-rule 33 destination ip 202.96.209.0 255.255.255.0 # portal web-server web url 172.16.20.250/portal/ # portal local-web-server http default-logon-page defaultfile.zip # portal local-web-server https default-logon-page defaultfile.zip # ip http enable ip https enable # wlan auto-ap enable wlan auto-persistent enable # wlan global-configuration firmware-upgrade disable # wlan ap-group default-group provision auto-update enable vlan 1 ap-model WA4320-ACN-C radio 1 radio enable radio 2 radio enable gigabitethernet 1 # wlan ap-group wa4330-acn provision auto-update enable vlan 1 ap 0440-a927-e1b0 ap 0440-a927-eea0 ap 0440-a927-ffe0 ap 0440-a928-0640 ap 5cc9-992e-8110 ap 5cc9-9934-5d60 ap 5cc9-9934-6630 ap 5cc9-9934-6990 ap 5cc9-9934-6c60 ap 74ea-c8a5-4210 ap ap-22-beiyon ap ap1-c07 ap ap16-ronglian2 ap ap2-c15 ap ap22-beiyon ap ap23-fuzongbangongshi ap ap3-c25 ap ap4 ap ap4-c35 ap ap5-c44 ap ap6-c54 ap ap7-c64 ap ap8 ap ap8-c74 ap ap9 ap ap9-c84 ap-model WA4330-ACN radio 1 radio enable radio 2 max-power 20 radio 3 radio enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap1-c07 model WA4330-ACN serial-id 210235A1K6C187002494 vlan 1 radio 1 channel 36 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 radio disable service-template 2 client-proximity-sensor enable radio 3 channel 1 radio enable service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap10-b06 model WA4320-ACN-C serial-id 219801A0UF8189E00106 vlan 1 band-navigation enable radio 1 channel 149 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 channel 9 service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap11-b15 model WA4320-ACN-C serial-id 219801A0UF8189E00057 vlan 1 radio 1 channel 56 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 6 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap12-b23 model WA4320-ACN-C serial-id 219801A0UF8189E0005S vlan 1 radio 1 channel 64 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 8 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap13-b32 model WA4320-ACN-C serial-id 219801A0UF8189E000R8 vlan 1 radio 1 channel 60 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 7 radio enable <H3C> Inactive timeout reached, logging out. 遗失对主机的连接。 C:\Users\user> <H3C>display cu <H3C>display current-configuration # version 7.1.064, Release 5229 # sysname H3C # wlan band-navigation enable # telnet server enable # irf mac-address persistent timer irf auto-update enable irf auto-merge enable irf member 1 priority 1 # dot1x dot1x authentication-method eap # dhcp enable dhcp relay client-information record undo dhcp relay client-information refresh enable # password-recovery enable # vlan 1 # vlan 2 to 10 # vlan 20 # irf-port 1 # wlan service-template 1 ssid office vlan 2 client max-count 2007 akm mode dot1x cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa client-security authentication-mode dot1x dot1x domain ***.*** service-template enable # wlan service-template 2 ssid machine vlan 4 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$2nKdmOyMjELUCQScsVRGV2L6INXcLfo/H21Pe3w= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template 3 ssid guest vlan 20 client max-count 2007 portal enable method direct portal domain hailiang-guest portal apply web-server http://172.16.20.250:8080/portal service-template enable # wlan service-template 4 ssid WORK vlan 6 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$5PEd4KO4XLnrU13XMewrn1KSAbvqnZDDShwaQAo= cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template sh-it ssid SHHL vlan 2 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$JCWhFAEa7N75hZPppiQmVmy1wGY2mgONgS1B4MA= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # interface Bridge-Aggregation1 port link-type trunk port trunk permit vlan all # interface NULL0 # interface Vlan-interface2 ip address 172.16.0.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface4 ip address 172.16.2.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface10 ip address 172.16.10.20 255.255.255.0 dhcp select relay dhcp relay server-address 172.16.10.1 # interface Vlan-interface20 ip address 172.16.20.250 255.255.255.0 dhcp relay server-address 172.16.7.11 portal enable method direct portal bas-ip 2.2.2.1 portal apply web-server RZ # interface GigabitEthernet1/0/1 port access vlan 10 # interface GigabitEthernet1/0/2 port access vlan 20 # interface GigabitEthernet1/0/3 # interface GigabitEthernet1/0/4 # interface GigabitEthernet1/0/5 # interface GigabitEthernet1/0/6 # interface GigabitEthernet1/0/7 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface GigabitEthernet1/0/8 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # scheduler logfile size 16 # line class console user-role network-admin # line class vty user-role network-operator # line con 0 user-role network-admin # line vty 0 31 authentication-mode scheme user-role network-operator # ip route-static 0.0.0.0 0 172.16.10.1 # undo info-center logfile enable # radius session-control enable # radius scheme "hl office" primary authentication 172.16.7.13 key cipher $c$3$d1pSGze9RWl9E5bTfbsBmhnbS8Y7y4tHbw== primary accounting 172.16.7.13 key cipher $c$3$O8ehCxJ9HqaQZirJvSg8M0hHao0q8vB2Ag== secondary authentication 172.16.7.12 key cipher $c$3$OfuOVDomwIl8id24Gwf6a1jDpiP3aL5tsg== secondary accounting 172.16.7.12 key cipher $c$3$hsi5ISVHRDAoaEHIBD5p+EENbKqtbjCHDw== # radius scheme office primary authentication 172.16.7.13 key cipher $c$3$v1VnEQR8BAXR6d6C657ASemm2nDMnfi1UA== primary accounting 172.16.7.13 key cipher $c$3$f2gc7kfCrAj4EELCnQpy6fDXVdMzDGoogA== # radius scheme portal primary authentication 172.16.10.20 key cipher $c$3$p3PlZ25WOif6EMbIlrepIB0ooJtD5Iz0tw== user-name-format without-domain # domain hailiang-guest authentication portal local authorization portal none accounting portal none # domain ***.*** authentication lan-access radius-scheme office authorization lan-access radius-scheme office accounting lan-access radius-scheme office # domain office # domain office1 # domain portal11 authentication portal local authorization portal none accounting portal none # domain system # domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user admin class manage password hash $h$6$36xLJwTT5UZLQE5N$e6LriWZVGLy3JEwn8+NyJpwvmJVExAz1B2GPbNhTb59UXtr+h60IqDBzEgjtOfWVjk1IH4fhs5H33simRaVmbw== service-type telnet http https authorization-attribute user-role network-admin # local-user test1 class manage password hash $h$6$pSryoJWEGOjPwLL4$Tb+KpzKsDzpWJOS3clUJFEXKNT7y1epXron92MMvOjwFtdo/5Gz6US2Qk/VAtawq8T9qPZKWqeU71Wv29h2hew== service-type ftp authorization-attribute user-role network-operator # local-user admin class network password cipher $c$3$w6HUyT8z7ztYApyaRvAwPCsu/SuSfRRH access-limit 222 service-type portal bind-attribute location interface Vlan-interface20 authorization-attribute user-role network-operator # local-user guest01 class network password cipher $c$3$7H1t7sy7ZFcQnpVWLT7Qqau8JAFuqzf4Lw== service-type portal authorization-attribute user-role network-operator # local-user it01 class network password cipher $c$3$JjMSM4MdVD6YLdc21JJGWg4AcM94EA== service-type lan-access authorization-attribute user-role network-operator # local-user test class network password cipher $c$3$LAL3AupvcwV5chpWFUemFXfyfj2W4Ll5PA== service-type portal authorization-attribute user-role network-operator # ftp server enable # portal host-check enable portal free-rule 1 destination ip 192.168.20.0 255.255.255.0 portal free-rule 1 description ip 172.16.20.0 255.255.255.0 portal free-rule 2 destination ip 172.16.7.0 255.255.255.0 portal free-rule 3 destination ip 172.16.20.0 255.255.255.0 portal free-rule 33 destination ip 202.96.209.0 255.255.255.0 # portal web-server web url 172.16.20.250/portal/ # portal local-web-server http default-logon-page defaultfile.zip # portal local-web-server https default-logon-page defaultfile.zip # ip http enable ip https enable # wlan auto-ap enable wlan auto-persistent enable # wlan global-configuration firmware-upgrade disable # wlan ap-group default-group provision auto-update enable vlan 1 ap-model WA4320-ACN-C radio 1 radio enable radio 2 radio enable gigabitethernet 1 # wlan ap-group wa4330-acn provision auto-update enable vlan 1 ap 0440-a927-e1b0 ap 0440-a927-eea0 ap 0440-a927-ffe0 ap 0440-a928-0640 ap 5cc9-992e-8110 ap 5cc9-9934-5d60 ap 5cc9-9934-6630 ap 5cc9-9934-6990 ap 5cc9-9934-6c60 ap 74ea-c8a5-4210 ap ap-22-beiyon ap ap1-c07 ap ap16-ronglian2 ap ap2-c15 ap ap22-beiyon ap ap23-fuzongbangongshi ap ap3-c25 ap ap4 ap ap4-c35 ap ap5-c44 ap ap6-c54 ap ap7-c64 ap ap8 ap ap8-c74 ap ap9 ap ap9-c84 ap-model WA4330-ACN radio 1 radio enable radio 2 max-power 20 radio 3 radio enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap1-c07 model WA4330-ACN serial-id 210235A1K6C187002494 vlan 1 radio 1 channel 36 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 radio disable service-template 2 client-proximity-sensor enable radio 3 channel 1 radio enable service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap10-b06 model WA4320-ACN-C serial-id 219801A0UF8189E00106 vlan 1 band-navigation enable radio 1 channel 149 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 channel 9 service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap11-b15 model WA4320-ACN-C serial-id 219801A0UF8189E00057 vlan 1 radio 1 channel 56 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 6 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap12-b23 model WA4320-ACN-C serial-id 219801A0UF8189E0005S vlan 1 radio 1 channel 64 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 8 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap13-b32 model WA4320-ACN-C serial-id 219801A0UF8189E000R8 vlan 1 radio 1 channel 60 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 7 radio enable <H3C> Inactive timeout reached, logging out. 遗失对主机的连接。 C:\Users\user>
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
<H3C>display cu <H3C>display current-configuration # version 7.1.064, Release 5229 # sysname H3C # wlan band-navigation enable # telnet server enable # irf mac-address persistent timer irf auto-update enable irf auto-merge enable irf member 1 priority 1 # dot1x dot1x authentication-method eap # dhcp enable dhcp relay client-information record undo dhcp relay client-information refresh enable # password-recovery enable # vlan 1 # vlan 2 to 10 # vlan 20 # irf-port 1 # wlan service-template 1 ssid office vlan 2 client max-count 2007 akm mode dot1x cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa client-security authentication-mode dot1x dot1x domain ***.*** service-template enable # wlan service-template 2 ssid machine vlan 4 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$2nKdmOyMjELUCQScsVRGV2L6INXcLfo/H21Pe3w= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template 3 ssid guest vlan 20 client max-count 2007 portal enable method direct portal domain hailiang-guest portal apply web-server http://172.16.20.250:8080/portal service-template enable # wlan service-template 4 ssid WORK vlan 6 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$5PEd4KO4XLnrU13XMewrn1KSAbvqnZDDShwaQAo= cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template sh-it ssid SHHL vlan 2 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$JCWhFAEa7N75hZPppiQmVmy1wGY2mgONgS1B4MA= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # interface Bridge-Aggregation1 port link-type trunk port trunk permit vlan all # interface NULL0 # interface Vlan-interface2 ip address 172.16.0.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface4 ip address 172.16.2.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface10 ip address 172.16.10.20 255.255.255.0 dhcp select relay dhcp relay server-address 172.16.10.1 # interface Vlan-interface20 ip address 172.16.20.250 255.255.255.0 dhcp relay server-address 172.16.7.11 portal enable method direct portal bas-ip 2.2.2.1 portal apply web-server RZ # interface GigabitEthernet1/0/1 port access vlan 10 # interface GigabitEthernet1/0/2 port access vlan 20 # interface GigabitEthernet1/0/3 # interface GigabitEthernet1/0/4 # interface GigabitEthernet1/0/5 # interface GigabitEthernet1/0/6 # interface GigabitEthernet1/0/7 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface GigabitEthernet1/0/8 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # scheduler logfile size 16 # line class console user-role network-admin # line class vty user-role network-operator # line con 0 user-role network-admin # line vty 0 31 authentication-mode scheme user-role network-operator # ip route-static 0.0.0.0 0 172.16.10.1 # undo info-center logfile enable # radius session-control enable # radius scheme "hl office" primary authentication 172.16.7.13 key cipher $c$3$d1pSGze9RWl9E5bTfbsBmhnbS8Y7y4tHbw== primary accounting 172.16.7.13 key cipher $c$3$O8ehCxJ9HqaQZirJvSg8M0hHao0q8vB2Ag== secondary authentication 172.16.7.12 key cipher $c$3$OfuOVDomwIl8id24Gwf6a1jDpiP3aL5tsg== secondary accounting 172.16.7.12 key cipher $c$3$hsi5ISVHRDAoaEHIBD5p+EENbKqtbjCHDw== # radius scheme office primary authentication 172.16.7.13 key cipher $c$3$v1VnEQR8BAXR6d6C657ASemm2nDMnfi1UA== primary accounting 172.16.7.13 key cipher $c$3$f2gc7kfCrAj4EELCnQpy6fDXVdMzDGoogA== # radius scheme portal primary authentication 172.16.10.20 key cipher $c$3$p3PlZ25WOif6EMbIlrepIB0ooJtD5Iz0tw== user-name-format without-domain # domain hailiang-guest authentication portal local authorization portal none accounting portal none # domain ***.*** authentication lan-access radius-scheme office authorization lan-access radius-scheme office accounting lan-access radius-scheme office # domain office # domain office1 # domain portal11 authentication portal local authorization portal none accounting portal none # domain system # domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user admin class manage password hash $h$6$36xLJwTT5UZLQE5N$e6LriWZVGLy3JEwn8+NyJpwvmJVExAz1B2GPbNhTb59UXtr+h60IqDBzEgjtOfWVjk1IH4fhs5H33simRaVmbw== service-type telnet http https authorization-attribute user-role network-admin # local-user test1 class manage password hash $h$6$pSryoJWEGOjPwLL4$Tb+KpzKsDzpWJOS3clUJFEXKNT7y1epXron92MMvOjwFtdo/5Gz6US2Qk/VAtawq8T9qPZKWqeU71Wv29h2hew== service-type ftp authorization-attribute user-role network-operator # local-user admin class network password cipher $c$3$w6HUyT8z7ztYApyaRvAwPCsu/SuSfRRH access-limit 222 service-type portal bind-attribute location interface Vlan-interface20 authorization-attribute user-role network-operator # local-user guest01 class network password cipher $c$3$7H1t7sy7ZFcQnpVWLT7Qqau8JAFuqzf4Lw== service-type portal authorization-attribute user-role network-operator # local-user it01 class network password cipher $c$3$JjMSM4MdVD6YLdc21JJGWg4AcM94EA== service-type lan-access authorization-attribute user-role network-operator # local-user test class network password cipher $c$3$LAL3AupvcwV5chpWFUemFXfyfj2W4Ll5PA== service-type portal authorization-attribute user-role network-operator # ftp server enable # portal host-check enable portal free-rule 1 destination ip 192.168.20.0 255.255.255.0 portal free-rule 1 description ip 172.16.20.0 255.255.255.0 portal free-rule 2 destination ip 172.16.7.0 255.255.255.0 portal free-rule 3 destination ip 172.16.20.0 255.255.255.0 portal free-rule 33 destination ip 202.96.209.0 255.255.255.0 # portal web-server web url 172.16.20.250/portal/ # portal local-web-server http default-logon-page defaultfile.zip # portal local-web-server https default-logon-page defaultfile.zip # ip http enable ip https enable # wlan auto-ap enable wlan auto-persistent enable # wlan global-configuration firmware-upgrade disable # wlan ap-group default-group provision auto-update enable vlan 1 ap-model WA4320-ACN-C radio 1 radio enable radio 2 radio enable gigabitethernet 1 # wlan ap-group wa4330-acn provision auto-update enable vlan 1 ap 0440-a927-e1b0 ap 0440-a927-eea0 ap 0440-a927-ffe0 ap 0440-a928-0640 ap 5cc9-992e-8110 ap 5cc9-9934-5d60 ap 5cc9-9934-6630 ap 5cc9-9934-6990 ap 5cc9-9934-6c60 ap 74ea-c8a5-4210 ap ap-22-beiyon ap ap1-c07 ap ap16-ronglian2 ap ap2-c15 ap ap22-beiyon ap ap23-fuzongbangongshi ap ap3-c25 ap ap4 ap ap4-c35 ap ap5-c44 ap ap6-c54 ap ap7-c64 ap ap8 ap ap8-c74 ap ap9 ap ap9-c84 ap-model WA4330-ACN radio 1 radio enable radio 2 max-power 20 radio 3 radio enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap1-c07 model WA4330-ACN serial-id 210235A1K6C187002494 vlan 1 radio 1 channel 36 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 radio disable service-template 2 client-proximity-sensor enable radio 3 channel 1 radio enable service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap10-b06 model WA4320-ACN-C serial-id 219801A0UF8189E00106 vlan 1 band-navigation enable radio 1 channel 149 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 channel 9 service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap11-b15 model WA4320-ACN-C serial-id 219801A0UF8189E00057 vlan 1 radio 1 channel 56 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 6 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap12-b23 model WA4320-ACN-C serial-id 219801A0UF8189E0005S vlan 1 radio 1 channel 64 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 8 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap13-b32 model WA4320-ACN-C serial-id 219801A0UF8189E000R8 vlan 1 radio 1 channel 60 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 7 radio enable <H3C> Inactive timeout reached, logging out. 遗失对主机的连接。 C:\Users\user> <H3C>display cu <H3C>display current-configuration # version 7.1.064, Release 5229 # sysname H3C # wlan band-navigation enable # telnet server enable # irf mac-address persistent timer irf auto-update enable irf auto-merge enable irf member 1 priority 1 # dot1x dot1x authentication-method eap # dhcp enable dhcp relay client-information record undo dhcp relay client-information refresh enable # password-recovery enable # vlan 1 # vlan 2 to 10 # vlan 20 # irf-port 1 # wlan service-template 1 ssid office vlan 2 client max-count 2007 akm mode dot1x cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa client-security authentication-mode dot1x dot1x domain ***.*** service-template enable # wlan service-template 2 ssid machine vlan 4 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$2nKdmOyMjELUCQScsVRGV2L6INXcLfo/H21Pe3w= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template 3 ssid guest vlan 20 client max-count 2007 portal enable method direct portal domain hailiang-guest portal apply web-server http://172.16.20.250:8080/portal service-template enable # wlan service-template 4 ssid WORK vlan 6 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$5PEd4KO4XLnrU13XMewrn1KSAbvqnZDDShwaQAo= cipher-suite ccmp cipher-suite tkip security-ie rsn security-ie wpa service-template enable # wlan service-template sh-it ssid SHHL vlan 2 client max-count 2007 akm mode psk preshared-key pass-phrase cipher $c$3$JCWhFAEa7N75hZPppiQmVmy1wGY2mgONgS1B4MA= cipher-suite tkip security-ie rsn security-ie wpa service-template enable # interface Bridge-Aggregation1 port link-type trunk port trunk permit vlan all # interface NULL0 # interface Vlan-interface2 ip address 172.16.0.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface4 ip address 172.16.2.250 255.255.255.0 dhcp relay server-address 172.16.7.11 # interface Vlan-interface10 ip address 172.16.10.20 255.255.255.0 dhcp select relay dhcp relay server-address 172.16.10.1 # interface Vlan-interface20 ip address 172.16.20.250 255.255.255.0 dhcp relay server-address 172.16.7.11 portal enable method direct portal bas-ip 2.2.2.1 portal apply web-server RZ # interface GigabitEthernet1/0/1 port access vlan 10 # interface GigabitEthernet1/0/2 port access vlan 20 # interface GigabitEthernet1/0/3 # interface GigabitEthernet1/0/4 # interface GigabitEthernet1/0/5 # interface GigabitEthernet1/0/6 # interface GigabitEthernet1/0/7 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface GigabitEthernet1/0/8 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # scheduler logfile size 16 # line class console user-role network-admin # line class vty user-role network-operator # line con 0 user-role network-admin # line vty 0 31 authentication-mode scheme user-role network-operator # ip route-static 0.0.0.0 0 172.16.10.1 # undo info-center logfile enable # radius session-control enable # radius scheme "hl office" primary authentication 172.16.7.13 key cipher $c$3$d1pSGze9RWl9E5bTfbsBmhnbS8Y7y4tHbw== primary accounting 172.16.7.13 key cipher $c$3$O8ehCxJ9HqaQZirJvSg8M0hHao0q8vB2Ag== secondary authentication 172.16.7.12 key cipher $c$3$OfuOVDomwIl8id24Gwf6a1jDpiP3aL5tsg== secondary accounting 172.16.7.12 key cipher $c$3$hsi5ISVHRDAoaEHIBD5p+EENbKqtbjCHDw== # radius scheme office primary authentication 172.16.7.13 key cipher $c$3$v1VnEQR8BAXR6d6C657ASemm2nDMnfi1UA== primary accounting 172.16.7.13 key cipher $c$3$f2gc7kfCrAj4EELCnQpy6fDXVdMzDGoogA== # radius scheme portal primary authentication 172.16.10.20 key cipher $c$3$p3PlZ25WOif6EMbIlrepIB0ooJtD5Iz0tw== user-name-format without-domain # domain hailiang-guest authentication portal local authorization portal none accounting portal none # domain ***.*** authentication lan-access radius-scheme office authorization lan-access radius-scheme office accounting lan-access radius-scheme office # domain office # domain office1 # domain portal11 authentication portal local authorization portal none accounting portal none # domain system # domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user admin class manage password hash $h$6$36xLJwTT5UZLQE5N$e6LriWZVGLy3JEwn8+NyJpwvmJVExAz1B2GPbNhTb59UXtr+h60IqDBzEgjtOfWVjk1IH4fhs5H33simRaVmbw== service-type telnet http https authorization-attribute user-role network-admin # local-user test1 class manage password hash $h$6$pSryoJWEGOjPwLL4$Tb+KpzKsDzpWJOS3clUJFEXKNT7y1epXron92MMvOjwFtdo/5Gz6US2Qk/VAtawq8T9qPZKWqeU71Wv29h2hew== service-type ftp authorization-attribute user-role network-operator # local-user admin class network password cipher $c$3$w6HUyT8z7ztYApyaRvAwPCsu/SuSfRRH access-limit 222 service-type portal bind-attribute location interface Vlan-interface20 authorization-attribute user-role network-operator # local-user guest01 class network password cipher $c$3$7H1t7sy7ZFcQnpVWLT7Qqau8JAFuqzf4Lw== service-type portal authorization-attribute user-role network-operator # local-user it01 class network password cipher $c$3$JjMSM4MdVD6YLdc21JJGWg4AcM94EA== service-type lan-access authorization-attribute user-role network-operator # local-user test class network password cipher $c$3$LAL3AupvcwV5chpWFUemFXfyfj2W4Ll5PA== service-type portal authorization-attribute user-role network-operator # ftp server enable # portal host-check enable portal free-rule 1 destination ip 192.168.20.0 255.255.255.0 portal free-rule 1 description ip 172.16.20.0 255.255.255.0 portal free-rule 2 destination ip 172.16.7.0 255.255.255.0 portal free-rule 3 destination ip 172.16.20.0 255.255.255.0 portal free-rule 33 destination ip 202.96.209.0 255.255.255.0 # portal web-server web url 172.16.20.250/portal/ # portal local-web-server http default-logon-page defaultfile.zip # portal local-web-server https default-logon-page defaultfile.zip # ip http enable ip https enable # wlan auto-ap enable wlan auto-persistent enable # wlan global-configuration firmware-upgrade disable # wlan ap-group default-group provision auto-update enable vlan 1 ap-model WA4320-ACN-C radio 1 radio enable radio 2 radio enable gigabitethernet 1 # wlan ap-group wa4330-acn provision auto-update enable vlan 1 ap 0440-a927-e1b0 ap 0440-a927-eea0 ap 0440-a927-ffe0 ap 0440-a928-0640 ap 5cc9-992e-8110 ap 5cc9-9934-5d60 ap 5cc9-9934-6630 ap 5cc9-9934-6990 ap 5cc9-9934-6c60 ap 74ea-c8a5-4210 ap ap-22-beiyon ap ap1-c07 ap ap16-ronglian2 ap ap2-c15 ap ap22-beiyon ap ap23-fuzongbangongshi ap ap3-c25 ap ap4 ap ap4-c35 ap ap5-c44 ap ap6-c54 ap ap7-c64 ap ap8 ap ap8-c74 ap ap9 ap ap9-c84 ap-model WA4330-ACN radio 1 radio enable radio 2 max-power 20 radio 3 radio enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap1-c07 model WA4330-ACN serial-id 210235A1K6C187002494 vlan 1 radio 1 channel 36 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 radio disable service-template 2 client-proximity-sensor enable radio 3 channel 1 radio enable service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 gigabitethernet 2 # wlan ap ap10-b06 model WA4320-ACN-C serial-id 219801A0UF8189E00106 vlan 1 band-navigation enable radio 1 channel 149 radio enable service-template 2 service-template 4 client-proximity-sensor enable radio 2 channel 9 service-template 2 service-template 4 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap11-b15 model WA4320-ACN-C serial-id 219801A0UF8189E00057 vlan 1 radio 1 channel 56 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 6 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap12-b23 model WA4320-ACN-C serial-id 219801A0UF8189E0005S vlan 1 radio 1 channel 64 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 8 radio enable service-template 2 client-proximity-sensor enable gigabitethernet 1 # wlan ap ap13-b32 model WA4320-ACN-C serial-id 219801A0UF8189E000R8 vlan 1 radio 1 channel 60 radio enable service-template 2 client-proximity-sensor enable radio 2 channel 7 radio enable <H3C> Inactive timeout reached, logging out. 遗失对主机的连接。 C:\Users\user>