3com S7906E 安装指导

 

1-24 

z 

The host is directly connected to the switch and the switch is configured for re-DHCP 

authentication. The host is assigned with an IP address through the DHCP server. Before portal 

authentication, the host uses an assigned private IP address. After passing portal authentication, it 

can get a public IP address. 

z 

When users using the host have passed identity authentication but have not passed security 

authentication, they can access only subnet 192.168.0.0/24. After passing the security 

authentication, they can access unrestricted Internet resources. 

z 

A RADIUS server serves as the authentication/accounting server. 

Figure 1-13 Configure re-DHCP portal authentication with extended functions 

 

 

 

z 

For re-DHCP authentication, you need to configure a public address pool (20.20.20.0/24, in this 

example) and a private address pool (10.0.0.0/24, in this example) on the DHCP server. The 

configuration steps are omitted. For DHCP configuration information, refer to DHCP Configuration 

in the IP Services Volume. 

z 

For re-DHCP authentication, the switch must be configured as a DHCP relay agent (instead of a 

DHCP server) and the portal-enabled interface must be configured with a primary IP address (a 

public IP address) and a secondary IP address (a private IP address). 

z 

You need to configure IP addresses for the devices as shown in 

 and ensure that routes 

are available between devices. 

z 

Perform configurations on the RADIUS server to ensure that the user authentication and 

accounting functions can work normally. 

 

Configure the switch: