Skspruce Technologies Inc. WIA3200 Manuel D’Utilisation
48 JadeOS User Manual
Step 3 Configure user role and apply ACl
(JadeOS)(config)#user-role trole
(JadeOS)(config-trole)#access-list session tacl
Step 4 Configure AAA Profile, and specify user role
(JadeOS)(config)#aaa profile test
(JadeOS)(AAA profile “test”)#initial-role trole
Step 5 Apply AAA profile to VLAN 100
(JadeOS)(config)#vlan 100 aaa profile test
7.3.2 Configuring DNAT
Figure 7-2 Destination address transfer
To configure DNAT address transfer in session ACl, use following command:
<src-subnet> <dest-subnet> <protocol> dst-nat ip <ip-address>
Using figure 7-2 as an example, JadeOS achieves to make user that failed authentica-
tion redirect to portal server (150.0.0.150) by DNAT function. Please refer to chapter
9.4 for more information.
Step 1 To create session ACL and specify DNAT IP address and DNAT destination
IP address, use the following command:
tion redirect to portal server (150.0.0.150) by DNAT function. Please refer to chapter
9.4 for more information.
Step 1 To create session ACL and specify DNAT IP address and DNAT destination
IP address, use the following command:
(JadeOS) (config) #ip access-list session tacl
(JadeOS) (config-sess-tacl) # any host 150.0.0.1 any dst-nat ip 200.0.0.200
Step 2 To create user role and apply it to ACL, use the following command:
(JadeOS) (config) #user-role trole
(JadeOS) (config-trole) #access-list session tacl
Step 3 To create AAA profile and apply it to user role and authentication group, use
the following command:
the following command:
(JadeOS) (config) #aaa profile test
(JadeOS) (AAA profile “test”) #http-redirection enable
(JadeOS) (AAA profile “test”) #initial-role trole