★ Oasis fixed account Authentication Configuration
- 0 Followed
- 0Collected ,4986Browsed
Network Topology
Oasis-------AC+AP
Configuration Steps
[H3C]dis cur
#
version 7.1.064, Release 5430P04 // The devices of AC product 5405 and later software versions support automatic issuance of certification configuration. Devices of the old version need to be manually configured as described below.
#
clock timezone Beijing add 08:00:00
clock protocol ntp
ntp-service enable
ntp-service unicast-server time.nist.gov
#
wlan global-configuration
nas-id cm-0-1270448-21xxxxxxxxxC16A000014
#
dns server 114.114.114.114
cloud-management server domain oasis.h3c.com
#
vlan 1
#
vlan 100
#
dhcp server ip-pool 100
gateway-list 172.20.10.7
network 172.20.10.0 mask 255.255.255.0
dns-list 114.114.114.114
#
wlan service-template psk
ssid psk
akm mode psk
preshared-key pass-phrase simple12345678
cipher-suite ccmp
security-ie rsn
portal enable method direct
portal domain cloud
portal apply web-server psk
portal temp-pass period 20 enable
service-template enable
#
domain cloud
authorization-attribute idle-cut 30 10240
authorization-attribute session-timeout 360
authentication portal none
authorization portal none
accounting portal none
#
#
portal free-rule 2346257224 destination open.weixin.qq.com
portal free-rule 2346257225 destination ip any tcp 5223
portal free-rule 2346257226 destination ip 114.114.114.114 255.255.255.255
portal free-rule 2346257227 destination ip any udp 53
portal free-rule 2346257228 destination ip any tcp 53
portal free-rule 2346257229 destination oasisauth.h3c.com
portal free-rule 2346257230 destination short.weixin.qq.com
portal free-rule 2346257231 destination mp.weixin.qq.com
portal free-rule 2346257232 destination long.weixin.qq.com
portal free-rule 2346257233 destination dns.weixin.qq.com
portal free-rule 2346257234 destination minorshort.weixin.qq.com
portal free-rule 2346257235 destination extshort.weixin.qq.com
portal free-rule 2346257236 destination szshort.weixin.qq.com
portal free-rule 2346257237 destination szlong.weixin.qq.com
portal free-rule 2346257238 destination szextshort.weixin.qq.com
portal free-rule 2346257239 destination isdspeed.qq.com
portal free-rule 2346257240 destination wx.qlogo.cn
portal free-rule 2346257241 destination long.open.weixin.qq.com
portal free-rule 2346257242 destination res.wx.qq.com
portal free-rule 2346257243 destination wifi.weixin.qq.com
portal safe-redirect enable
portal safe-redirect user-agent Android
portal safe-redirect user-agent CaptiveNetworkSupport
portal safe-redirect user-agent MicroMessenger
portal safe-redirect user-agent Mozilla
portal safe-redirect user-agent WeChat
portal safe-redirect user-agent micromessenger
#
portal web-server psk
url http://oasisauth.h3c.com/portal/protocol
server-type oauth
if-match user-agent CaptiveNetworkSupport redirect-url http://oasisauth.h3c.com/generate_404
if-match user-agent Dalvik/2.1.0(Linux;U;Android7.0;HUAWEI redirect-url http://oasisauth.h3c.com/generate_404
if-match original-url http://10.118.128.168 temp-pass
if-match original-url http://captive.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol
if-match original-url http://o2o.gtimg.com/wifi/echo temp-pass redirect-url http://oasisauth.h3c.com/generate_404
if-match original-url http://www.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol
#
portal local-web-server http
#
portal local-web-server https
#
#
ip http enable
ip https enable
#
portal mac-trigger-server cloud
binding-retry 2 interval 3
cloud-binding enable
#
#
wlan auto-ap enable
wlan auto-persistent enable
#
wlan ap 5320 model WA5320
serial-id 219801A011111CE02151
vlan 1
radio 1
radio enable
service-template psk vlan 100
radio 2
radio enable
service-template psk vlan 100
gigabitethernet 1
gigabitethernet 2
#
return
Key Configuration
dns server 114.114.114.114
cloud-management server domain oasis.h3c.com