开启辅助访问 设为首页     收藏本站     HTTPS安全访问
 找回密码
 立即注册

求助 华为路由AR1220 对接不成功

chen0522 回复:1 | 查看:15205 | 发表于 2016-8-6 14:18:43 |阅读模式 |复制链接
服务器地址:192.168.1.3     开启portal认证的网段是192.168.5.1  都配置完成后,电脑 手机都可以跳转到认证页面,但都认证失败下面是 路由配置跟openportal 的设置,帮忙看看是什么问题?
[V200R005C20SPC200]
#
sysname router

#
l2tp enable
#
ipv6
#
dns resolve  
dns server 202.103.224.68
dns server 202.103.225.68
dns proxy enable
#
vlan batch 10 20 30
#
arp learning strict
#
domain isp1
#
wlan ac-global carrier id other ac id 0
#
portal free-rule 0 source ip 192.168.1.3 mask 255.255.255.0
portal free-rule 1 source ip 192.168.1.3 mask 255.255.255.255
portal free-rule 2 source ip 192.168.5.1 mask 255.255.255.255
portal free-rule 3 destination ip 192.168.5.1 mask 255.255.255.255
portal free-rule 4 source ip 114.114.114.114 mask 255.255.255.255
portal free-rule 5 destination ip 114.114.114.114 mask 255.255.255.255
portal free-rule 6 source ip 202.103.224.68 mask 255.255.255.255
portal free-rule 7 destination ip 202.103.224.68 mask 255.255.255.255
portal free-rule 8 source ip 180.142.128.123 mask 255.255.255.255
portal free-rule 9 destination ip 180.142.128.123 mask 255.255.255.255
portal free-rule 10 destination ip 202.103.224.68 mask 255.255.255.255 source any
portal free-rule 11 source ip 180.142.128.97 mask 255.255.255.255
portal free-rule 12 destination ip 180.142.128.97 mask 255.255.255.255
#
sac enable signature flash:/sacrule.dat
#
dhcp enable
#
ip accounting mismatched-threshold 4096
#
radius-server template rd1
radius-server shared-key cipher chen0522
radius-server authentication 192.168.1.3 1812 weight 80
#
pki realm default
enrollment self-signed

#
acl name SAC_acl2 2997  
rule 5 permit source 192.168.1.0 0.0.0.255
acl name SAC_acl1 2998  
rule 5 permit source 192.168.4.0 0.0.0.255
acl name GigabitEthernet0/0/0 2999  
rule 5 permit

#
web-auth-server abc
server-ip 192.168.1.3
port 50100
shared-key cipher chen0522
url http://192.168.1.3:80
#
web-auth-server layer3
port 50100
#
ip pool pool1
gateway-list 10.1.1.1
network 10.1.1.0 mask 255.255.255.0
#
aaa
authentication-scheme default
authentication-scheme abc
  authentication-mode radius
authorization-scheme default
accounting-scheme default
domain default  
domain default_admin  
domain isp1  
  authentication-scheme abc
  radius-server rd1
local-user admin password cipher %@%@{zUk&o@tl!&hcD%0u(A#rWA0%@%@
local-user admin privilege level 15
local-user admin ftp-directory 15
local-user admin service-type telnet http
#
firewall zone yjx
priority 15
#
firewall zone Local
priority 16
#
firewall defend syn-flood enable
firewall defend icmp-flood enable
firewall defend syn-flood ip 192.168.1.9  tcp-proxy on
#
interface Vlanif1
ip address 192.168.1.252 255.255.255.0
zone yjx
dhcp select interface
dhcp server excluded-ip-address 192.168.1.1 192.168.1.30
dhcp server lease day 0 hour 2 minute 0
dhcp server dns-list 192.168.1.252
ip accounting input-packets
ip accounting output-packets
#
interface Vlanif20
description HUAWEI,Vlanif20 Interface
ip address 192.168.4.1 255.255.255.0
traffic-policy SAC_manager inbound
zone yjx
dhcp select interface
dhcp server lease day 0 hour 2 minute 0
dhcp server dns-list 192.168.4.1
#
interface Vlanif30
ip address 192.168.5.1 255.255.255.0
web-auth-server abc direct
dhcp select interface
dhcp server dns-list 192.168.5.1
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
port link-type access
port default vlan 20
#
interface Ethernet0/0/4
port link-type access
port default vlan 20
#
interface Ethernet0/0/5
port link-type access
port default vlan 20
#
interface Ethernet0/0/6
undo port hybrid vlan 1
#
interface Ethernet0/0/7
port hybrid pvid vlan 30
undo port hybrid vlan 1
port hybrid untagged vlan 30
#
interface GigabitEthernet0/0/0
tcp adjust-mss 1460
ip address 180.142.128.123 255.255.255.224
traffic-policy p2p inbound
nat outbound 2999
zone yjx
ip accounting input-packets
ip accounting output-packets
#
interface GigabitEthernet0/0/1
ip accounting input-packets
ip accounting output-packets
#
interface Cellular0/0/0
link-protocol ppp
ip accounting input-packets
ip accounting output-packets
#
interface Cellular0/0/1
link-protocol ppp
ip accounting input-packets
ip accounting output-packets
#
interface NULL0
#
interface LoopBack6
#
ftp server enable
#
info-center timestamp log format-date
#
snmp-agent local-engineid 800007DB03E468A3A720D1
snmp-agent sys-info version all
snmp-agent
#
ssh server compatible-ssh1x enable
#
http timeout 3
http secure-server ssl-policy abc
http server enable
http secure-server enable
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 180.142.128.97
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$j7OzLKsW;V[:+~6NXE[',.#@=a7B'qX:w/"|^lV-[MA6.#C,%$%$
user-interface vty 0 4
authentication-mode aaa
#

return

QQ截图20160806141645.png
QQ截图20160806141744.png
回复

使用道具 举报

发表于 2016-8-6 22:56:59
这个也没法判断,只有远程看时时信息来判断问题。。。远程是要VIP的喔。。。。欢迎捐助VIP,享受远程安装、部署、对接、调试及各种问题解答~!!!
回复 支持 反对

使用道具 举报

登录 发布 快速回复 返回顶部 返回列表