
Ruijie SW fails to integrate with Agile Controller~~


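1. Network topology

Ruijie-SW1 is the core switch. agg1 uplinks to Ruijie-RSR, a Huawei AR hangs off g0/0 as the DHCP server, and g0/3 connects to a Huawei Agile Controller acting as the RADIUS server, for a small portal experiment.

Current progress: entering 1.1.1.1 does not redirect to the portal page. The ISP is a home router; NAT is done twice, on Ruijie-RSR and on the home router, to reach the external network.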

2. Network configuration

(1)Ruijie-RSR

!
hostname ISP01
!
ip access-list standard 10
 1 permit 192.168.1.0 0.0.0.255 
!
interface GigabitEthernet 0/0
 ip address dhcp
 ip nat outside
!
interface AggregatePort 1
 no switchport
 ip address 172.16.1.1 255.255.255.252
 ip nat inside
!
interface GigabitEthernet 0/1
 port-group 1
!
interface GigabitEthernet 0/2
 port-group 1
!
ip nat inside source list 10 interface GigabitEthernet 0/0 overload

(2)Ruijie-SW01

!
hostname HX-SW01
!
ip portal source-interface GigabitEthernet 0/3
http redirect direct-site 10.1.5.107
http redirect direct-site 10.168.1.254
!
web-auth template portal v2
 ip 10.1.5.107
 url http://10.1.5.107:8080/portal
!
web-auth portal key pass@800
!
aaa new-model
!
aaa accounting update periodic 15
aaa accounting update
aaa accounting network default start-stop group radius
aaa authorization network default group radius
aaa authentication web-auth default group radius
!
service dhcp
!
ip radius source-interface GigabitEthernet 0/3
!
vlan range 1,10
!
interface GigabitEthernet 0/0
 no switchport
 description th
 ip address 172.16.2.2 255.255.255.252
!
interface AggregatePort 1
 no switchport
 ip address 172.16.1.2 255.255.255.252
!
interface GigabitEthernet 0/1
 no switchport
 port-group 1
!
interface GigabitEthernet 0/2
 no switchport
 port-group 1
!
interface GigabitEthernet 0/3
 no switchport
 ip address 10.1.5.254 255.255.255.0
!
interface GigabitEthernet 0/4
 switchport mode trunk
 web-auth enable portal
!
interface VLAN 10
 ip address 192.168.1.254 255.255.255.0
 ip helper-address 172.16.2.1
!
ip route 0.0.0.0 0.0.0.0 172.16.1.1

(3)DHCP_Server

#
 sysname dhcp
#
dhcp enable
#
ip pool user
 gateway-list 192.168.1.254 
 network 192.168.1.0 mask 255.255.255.0 
 dns-list 10.168.1.254 
#
interface GigabitEthernet0/0/0
 ip address 172.16.2.1 255.255.255.252
 dhcp select global
#
ip route-static 192.168.1.0 255.255.255.0 172.16.2.2

(4)Ruijie-SW2

!
hostname Access-SW02
!
vlan range 1,10
!
interface GigabitEthernet 0/0
 switchport mode trunk
!
interface GigabitEthernet 0/1
 switchport access vlan 10

(5)RADIUS configuration

=======================Device management

=======================Add user

========================Authentication and authorization: omitted, already posted many times in other experiments

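3. Experiment results

(1)Ping to the DNS fails. It is set here to the internal DNS = 10.168.1.254. The NAT entries can be seen on the Ruijie router, but entering 1.1.1.1 does not redirect properly.

(2)Entering the portal authentication address directly also fails to authenticate, and RADIUS has no authentication record.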

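Added example, not part of the original post: a longest-prefix route lookup over the `ip address`, `ip route` and `ip route-static` lines visible in the posted configurations, showing which devices hold a connected or static route toward the client subnet, the portal server and the DNS address. It models only the lines shown in the post (the DHCP-learned default on ISP01 G0/0 and any unposted configuration are not included), and the client address 192.168.1.10 is a constructed sample.

```python
import ipaddress
import re

# Address and route lines copied from the configurations posted above.
CONFIGS = {
    "ISP01": """
 ip address 172.16.1.1 255.255.255.252
""",
    "HX-SW01": """
 ip address 172.16.2.2 255.255.255.252
 ip address 172.16.1.2 255.255.255.252
 ip address 10.1.5.254 255.255.255.0
 ip address 192.168.1.254 255.255.255.0
ip route 0.0.0.0 0.0.0.0 172.16.1.1
""",
    "dhcp": """
 ip address 172.16.2.1 255.255.255.252
ip route-static 192.168.1.0 255.255.255.0 172.16.2.2
""",
}

ADDR = re.compile(r"^\s*ip address (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)", re.M)
ROUTE = re.compile(r"^ip route(?:-static)? (\S+) (\S+) (\S+)", re.M)

def routing_table(cfg):
    """Return [(network, next_hop)] from connected interfaces and static routes."""
    table = []
    for ip, mask in ADDR.findall(cfg):
        table.append((ipaddress.ip_interface(f"{ip}/{mask}").network, "connected"))
    for net, mask, hop in ROUTE.findall(cfg):
        table.append((ipaddress.ip_network(f"{net}/{mask}"), hop))
    return table

def lookup(cfg, dest):
    """Longest-prefix match for dest; None when no posted route covers it."""
    dest = ipaddress.ip_address(dest)
    hits = [(n, h) for n, h in routing_table(cfg) if dest in n]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def report(dest):
    """Per-device best route toward dest, using only the posted lines."""
    return {name: lookup(cfg, dest) for name, cfg in CONFIGS.items()}

if __name__ == "__main__":
    # 192.168.1.10 is a constructed client address inside the VLAN 10 subnet.
    for dest in ("192.168.1.10", "10.1.5.107", "10.168.1.254"):
        for dev, route in report(dest).items():
            print(f"{dest:>13} on {dev:8}: {route or 'no connected/static route posted'}")
```

A `None` result means only that the posted lines contain no route for that destination on that device; it is a prompt to check the device's live routing table, not a confirmed fault.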
