有大佬有csdn账号嘛 帮忙下载一篇文章配置

mark123

https://blog.csdn.net/weixin_61590430/article/details/123250294

boq

刚发现我的会员到期了

mark123

boq 发表于 2023-11-28 20:57
刚发现我的会员到期了

感谢大哥心意

goden_er

由于设备与云简网络的通信是基于解析云简网络域名，因此需要配置DNS服务器，host。
cloud-management server domain oasis.h3c.com
dns server 114.114.114.114
ip host oasisauth.h3c.com 101.36.161.146
ip host oasis.h3c.com  101.36.161.141

查看AC与云简网络的通信状态
display   cloud-management   state

AC需要配置NTP服务器同步时间，保证AC与云简网络上数据的同步
ntp-service enable
ntp-service unicast-server registry.h3c.com priority
ntp-service unicast-server pool.ntp.org
ntp-service unicast-server time.windows.com
ntp-service unicast-server time.nist.gov

domain cloud
authorization-attribute idle-cut 30 10240
authorization-attribute session-timeout 360
authentication portal none
authorization portal none
accounting portal none


配置web服务连接
portal web-server test
url http://oasisauth.h3c.com/portal/protocol
server-type oauth
优化苹果手机认证
portal web-server test
captive-bypass ios optimize enable
if-match user-agent CaptiveNetworkSupport redirect-url http://oasisauth.h3c.com/generate_404
if-match user-agent Dalvik/2.1.0(Linux;U;Android7.0;HUAWEI redirect-url http://oasisauth.h3c.com/generate_404
if-match original-url http://10.168.168.168 temp-pass
if-match original-url http://captive.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol
if-match original-url http://o2o.gtimg.com/wifi/echo temp-pass redirect-url http://oasisauth.h3c.com/generate_404
if-match original-url http://www.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol

认证界面是http方式（目前不支持https）
[AC] portal local-web-server http
[AC] portal host-check enable

配置免认证规则  
portal client-gateway interface Vlan-interface999      (认证的业务vlan)        
portal free-rule 2346257224 destination open.weixin.qq.com
portal free-rule 2346257225 destination ip any tcp 5223
portal free-rule 2346257226 destination ip 114.114.114.114 255.255.255.255
portal free-rule 2346257227 destination ip any udp 53
portal free-rule 2346257228 destination ip any tcp 53
portal free-rule 2346257229 destination oasisauth.h3c.com
portal free-rule 2346257230 destination short.weixin.qq.com
portal free-rule 2346257231 destination mp.weixin.qq.com
portal free-rule 2346257232 destination long.weixin.qq.com
portal free-rule 2346257233 destination dns.weixin.qq.com
portal free-rule 2346257234 destination minorshort.weixin.qq.com
portal free-rule 2346257235 destination extshort.weixin.qq.com
portal free-rule 2346257236 destination szshort.weixin.qq.com
portal free-rule 2346257237 destination szlong.weixin.qq.com
portal free-rule 2346257238 destination szextshort.weixin.qq.com
portal free-rule 2346257239 destination isdspeed.qq.com
portal free-rule 2346257240 destination wx.qlogo.cn
portal free-rule 2346257241 destination long.open.weixin.qq.com
portal free-rule 2346257242 destination res.wx.qq.com
portal free-rule 2346257243 destination wifi.weixin.qq.com

portal safe-redirect enable
portal safe-redirect user-agent Android
portal safe-redirect user-agent CaptiveNetworkSupport
portal safe-redirect user-agent MicroMessenger
portal safe-redirect user-agent Mozilla
portal safe-redirect user-agent WeChat
portal safe-redirect user-agent micromessenger

#配置web服务。
[AC] ip http enable
[AC] ip https enable

然后在AC上的无线模板上应用

配置完后，不行在重启AC

mark123

goden_er 发表于 2023-11-28 21:41
由于设备与云简网络的通信是基于解析云简网络域名，因此需要配置DNS服务器，host。
cloud-management serve ...

感谢大哥  

goden_er

mark123 发表于 2023-11-28 21:46
感谢大哥

不客气

xftaw

淘宝0.5下载一次



小尾巴~~~~~

看签名>>>