Other HPE Product Questions
1824021 Members
3723 Online
109667 Solutions
New Discussion

5140 EI switch How to configure to use web authentication

 
take_2343
Occasional Visitor

5140 EI switch How to configure to use web authentication

We are planning to replace the switch with this one, but I am not sure how to web authentication set it up.
The switch before replacement is configured to obtain an IP address (192.168.1.0/24) from the DHCP server before web authentication and use the distributed IP address even after passing web authentication.
I tried to do the same configuration on this switch, but it did not work.


client --- 5140switch --- CoreSW --- RADIUS server 192.168.20.1
                                              |
                                                ------- DHCP server 192.168.30.1、192.168.30.2
                                              |
                                               ------- server 192.168.1.0/24

Test Configuration

vlan 2

ip route-static 0.0.0.0 0.0.0.0 192.168.1.254

interface Vlan-interface 2
ip address 192.168.1.251 255.255.255.0

interface loopBack 0
description web-auth_address
ip address 10.0.0.1 24

radius scheme radius
primary authentication 192.168.20.1
key authentication simple password
user-name-format without-domain

domain auth
authentication default radius-scheme radius
authorization default radius-scheme radius

portal local-web-server http
default-logon-page weblogin.zip

web-auth server webauth
url http://10.0.0.1/portal/
ip 10.0.0.1 port 80

interface GigabitEthernet 1/0/1
description to_CoreSW
port access vlan 2
quit

interface GigabitEthernet 1/0/2
description to_client
port access vlan 2
web-auth domain auth
web-auth enable apply server webauth

 

The switch before replacement is configured to obtain an IP address (192.168.1.0/24) from the DHCP server before web authentication and use the distributed IP address even after passing web authentication.
I tried to do the same configuration on this switch, but it did not work.


When I connect a client, I can confirm that an IP address is distributed from the DHCP server, but I cannot access the web authentication screen (http://10.0.0.1/portal/).
All routing on the 5140 switch is directed to the CoreSW gateway address (192.168.1.254), and the default gateway distributed by DHCP is the same IP address (192.168.1.254).
There is no routing for the network address (10.0.0.0/24) of the WEB authentication URL in the routing table of CoreSW.


When I set the default gateway for the client to the VLAN2 address (192.168.1.251) of the switch, I was able to access the web authentication screen.
I had thought that the 5140 switch would route communications directed to the web authentication address on its own, but this does not seem to be the case.
I don't want to change the DHCP server or CoreSW routing settings, so is there any way to configure the client to access the web authentication screen without changing the default gateway of the client?

 

 

2 REPLIES 2
support_s
System Recommended

Query: 5140 EI switch How to configure to use web authentication

Hello,

 

Thank you for Posting! HPE Networking forum has moved to Aruba Airheads Community and for HPE networking and Aruba product queries, request you to visit and post your query here.

 

You can refer to this link for more details.

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

 

Thank you for being a HPE valuable community member.


Accept or Kudo

take_2343
Occasional Visitor

Re: Query: 5140 EI switch How to configure to use web authentication

Thank you for guiding me.

I'll ask there.