收藏
下载资源下载资源 加入VIP,免费下载

DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx

上传人:b****5 文档编号:7161455 上传时间:2023-01-21 格式:DOCX 页数:31 大小:1.70MB
下载 相关 举报
DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx_第1页
第1页 / 共31页
DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx_第2页
第2页 / 共31页
DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx_第3页
第3页 / 共31页
DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx_第4页
第4页 / 共31页
DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx_第5页
第5页 / 共31页
点击查看更多>>
下载资源
资源描述

DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx

《DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx》由会员分享,可在线阅读,更多相关《DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx(31页珍藏版)》请在冰豆网上搜索。

DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100.docx

DCNDCSMRSDCSMBR与DCN交换机做8021X多FREERESOURCE和8021X的WEB重定向功能认证手册V01100

802.1X多FREESOURCE和802.1X的WEB重定向功能配置手册

 

神州数码网络有限公司

编写人:

陈彦斌

2014年2月20日

 

功能描述

部署DCSM-RS认证计费设备旁路时配合DCRS-5750和DCRS-3950实现802.1X认证前可以重定向到某个指定的网址和支持多条freeresource的功能。

一.DCSM-BW管理端配置步骤

DCSM-BW与DCSM-RS联通调试见”《DCSM-BW与DCSM-BR(DCSM-RS)快速配置手册》”

DCSM管理端配置步骤:

创建资费组à创建地区组à创建带宽组à创建套餐组à设置RADIUS服务器à创建用户

1.登陆WEB管理端

在IE浏览器中输入“http:

//x.x.x.x/DCSMManager”(其中x.x.x.x为DCSM-BW服务器的IP地址)。

将得到DCSM-BW管理端登录页面,如下图:

输入初始用户名/密码:

9000/123,将进入管理端首页。

2.创建资费组

在【策略管理】à【资费组配置】里先配置一个资费组(测试的时候可以选择合约用户组类型,费率为0,即免费组)。

新建资费组,如图:

在合约资费里设置费率为0,如图:

在资费组里的控制策略勾选“允许RADIUS认证”,如图:

此时【资费组配置】配置完毕。

3.创建地区组

在【地区组配置】里新建地区组,如图:

4.创建带宽组

在【目标地址带宽】里先设置好带宽值,以下配置了1M带宽值和4M带宽值。

★小提示:

DCSM-BW的带宽单位是KBPS,传统的带宽值是kbps,需要注意。

如图:

1M带宽值:

4M带宽值:

【目标地址带宽】创建完毕,如图:

在【带宽组配置】中将【目标地址带宽】创建好的配置添加。

创建1M带宽组,如图:

创建4M带宽组,如图:

【带宽组配置】配置完成,如图:

5.创建套餐组

在【套餐组配置】中将【资费组配置】,【地区组配置】,【带宽组配置】捆绑成【套餐组配置】。

★小提示:

需要注意的是【套餐组配置】中的“套餐代码”,“套餐代码”设置成一样的数字的时候账户是可以在相同“套餐代码”中的套餐切换,反之不通“套餐代码”中的套餐是无法切换的。

如图:

创建1M套餐组

创建4M套餐组

套餐组创建完毕

6.设置RADIUS服务器

在【设备管理】中的【RADIUS服务器】添加802.1X交换机地址。

备注:

其中“参数”里DCN交换机配置:

DM0:

SM。

再【RADIUS服务器】里导出EXCEL模板,在模板中添加交换机设置,如图:

导出EXCEL模板

设置ECXEL模板

EXCEL模板完成后,导入EXCEL,完成

7.创建用户

在【用户管理】中【业务受理】里的【开户】设置用户来完成测试。

如图:

创建1M用户test

创建4M用户test1

8.DCSM-RS中关闭下发带宽功能

在DCSM-RS中关闭下发带宽属性的功能以防止DCSM-RS将带宽下发给交换机,

telnet到DCSM-RS上,账号/密码:

ishaer/123(默认),输入:

optionunsend197att1

如图:

输入完毕后使用sysoption查看该功能是否开启

 

二.DCN交换机802.1X认证

1.DCN交换机配置

以下是DCSM-RS对于DCN交换机Dot1x认证,这里以DCRS-5750交换机为例。

文档中只涉及802.1X相关配置,路由以及vlan信息这里不做考虑。

XSSS3-DCRS-5750-52T-2F#showrun

!

noservicepassword-encryption

!

hostnameXSSS3-DCRS-5750-52T-2F

sysLocationChina

sysContact800-810-9119

!

usernameadminprivilege15password0admin

!

!

!

snmp-serverenable

snmp-serversecurityip10.10.20.229

snmp-serverhost10.10.20.229v1usertrap

snmp-servercommunityro0public

snmp-servercommunityrw0private

snmp-serverenabletraps

!

ipdhcpsnoopingenable

ipdhcpsnoopingbindingenable

!

!

!

!

!

!

!

loopback-detectioninterval-time3515

!

loopback-detectioncontrol-recoverytimeout300

!

!

vlan1;10-30

!

radius-serverkey0test

radius-serverauthenticationhost10.10.20.225

radius-serveraccountinghost10.10.20.225

aaa-accountingenable

aaaenable

!

dot1xenable

dot1xwebredirecthttp:

//10.10.20.226/Self

dot1xfree-resource10.10.20.226255.255.255.255

dot1xfree-resource10.10.20.225255.255.255.255

dot1xfree-resource42.120.23.244255.255.255.255

dot1xfree-resource61.135.209.173255.255.255.255

dot1xfree-resource58.253.96.22255.255.255.255

dot1xfree-resource112.90.217.182255.255.255.255

dot1xfree-resource211.138.236.206255.255.255.255

dot1xfree-resource211.137.182.167255.255.255.255

dot1xfree-resource211.138.236.208255.255.255.255

dot1xprivateclientenable

dot1xunicastenable

!

InterfaceEthernet1/0/1

switchportaccessvlan21

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan21

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/2

switchportaccessvlan21

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan21

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/3

switchportaccessvlan21

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan21

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/4

switchportaccessvlan21

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan21

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/5

switchportaccessvlan21

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan21

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/6

switchportaccessvlan22

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan22

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/7

switchportaccessvlan22

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan22

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/8

switchportaccessvlan22

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan22

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/9

switchportaccessvlan22

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan22

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/10

switchportaccessvlan22

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan22

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/11

switchportaccessvlan23

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan23

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/12

switchportaccessvlan23

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan23

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/13

switchportaccessvlan23

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan23

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/14

switchportaccessvlan23

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan23

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/15

switchportaccessvlan23

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan23

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/16

switchportaccessvlan24

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan24

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/17

switchportaccessvlan24

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan24

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/18

switchportaccessvlan24

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan24

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/19

switchportaccessvlan24

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan24

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/20

switchportaccessvlan24

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan24

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/21

switchportaccessvlan25

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan25

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/22

switchportaccessvlan25

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan25

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/23

switchportaccessvlan25

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan25

loopback-detectioncontrolshutdown

ipdhcpsnoopingbindingdot1x

ipdhcpsnoopingactionblackholerecovery30

!

InterfaceEthernet1/0/24

switchportaccessvlan25

dot1xenable

dot1xport-methoduserbasedstandard

dot1xwebredirectenable

loopback-detectionspecified-vlan25

loopback-detectioncontrolshutdown

ipdhcpsn

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > PPT模板 > 图表模板

copyright@ 2008-2022 冰豆网网站版权所有

经营许可证编号:鄂ICP备2022015515号-1