• 华为Me60 bras web认证 portal认证配置

    • 华为Me60 bras web认证 portal认证配置

      aaa
      http-redirect enable
      domain pre-web --------认证前域
      authentication-scheme default0
      accounting-scheme default0
      user-group web
      web-server 111.208.61.24
      web-server url http://111.208.61.24
      acl number 6001 ------举例,配置前域可以访问的地址,不需要配置端口号
      rule permit ip source user-group web destination ip-address 111.208.22.73 0
      rule permit ip source user-group web destination ip-address 111.208.55.7 0
      rule permit ip source user-group web destination ip-address 111.208.61.40 0
      rule permit ip source user-group web destination ip-address 111.208.61.4 0
      rule permit ip source user-group web destination ip-address 127.0.0.1 0
      acl number 6002 ----用户访问其他http资源都强推页面,支持80和8080端口,端口号必须配置,需要确保以下规则的配置顺序。
      rule permit tcp source user-group wx destination-port eq www
      rule permit tcp source user-group wx destination-port eq 8080
      rule permit ip source user-group wx -----当用户访问非http资源(如FTP)时命中这条规则,流动作是http-redirect的情况下会做deny处理

      traffic classifier permit
      if-match acl 6001

      traffic classifier redirect
      if-match acl 6002

      traffic behavior permit

      traffic behavior redirect
      http-redirect

      traffic policy web
      classifier permit behavior permit
      classifier redirect behavior redirect

      traffic-policy web inbound

Powered by Typecho)))   ICP:蜀ICP备05009250号