188
# Correlate DHCP server group 1 with VLAN-interface 3.
[Switch-Vlan-interface3] dhcp relay server-select 1
[Switch-Vlan-interface3] quit
Verifying the configuration
Before user userpt accesses a web page, the user is in VLAN 8 (the initial VLAN), and is assigned with
an IP address on subnet 192.168.1.0/24. When the user accesses a web page on the external network,
the web request will be redirected to authentication page https://4.4.4.4/portal/logon.htm. After
entering the correct username and password, the user can pass the authentication. Then, the device will
move the user from VLAN 8 to VLAN 3, the authorized VLAN. You can use the display connection
ucibindex command to view the online user information
<Switch> display connection ucibindex 30
Slot: 1
Index=30 , Username=userpt@triple
MAC=0015-e9a6-7cfe
IP=192.168.1.2
IPv6=N/A
Access=PORTAL ,AuthMethod=PAP
Port Type=Ethernet,Port Name=Ethernet1/0/1
Initial VLAN=8, Authorization VLAN=3
ACL Group=Disable
User Profile=N/A
CAR=Disable
Priority=Disable
Start=2009-11-26 17:40:02 ,Current=2009-11-26 17:48:21 ,Online=00h08m19s
Total 1 connection matched.
Use the display mac-vlan all command to view the generated MAC-VLAN entries, which record the MAC
addresses passing authentication and the corresponding VLANs.
[Switch] display mac-vlan all
The following MAC VLAN addresses exist:
S:Static D:Dynamic
MAC ADDR MASK VLAN ID PRIO STATE
--------------------------------------------------------
0015-e9a6-7cfe ffff-ffff-ffff 3 0 D
Total MAC VLAN address count:1
If a client fails authentication, it will be added to VLAN 2. Use the previously mentioned commands to
view the assigned IP address and the generated MAC-VLAN entry for the client.
Troubleshooting portal
Inconsistent keys on the access device and the portal server
Symptom
When a user is forced to access the portal server, the portal server displays a blank web page, rather
than the portal authentication page or an error message.
To Next Page
Loading...
Need help?
General