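Wireless authentication configuration for connecting an H3C AC to the Oasis platform
The device communicates with Cloudnet by resolving the Cloudnet domain names, so a DNS server and static host entries must be configured.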
cloud-management server domain oasis.h3c.com
dns server 114.114.114.114
ip host oasisauth.h3c.com 101.36.161.146
ip host oasis.h3c.com 101.36.161.141
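Check the communication state between the AC and Cloudnet
display cloud-management state
The AC needs an NTP server configured to synchronize its time, so that data on the AC and on Cloudnet stays in sync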
ntp-service enable
 ntp-service unicast-server registry.h3c.com priority
 ntp-service unicast-server pool.ntp.org
 ntp-service unicast-server time.windows.com
 ntp-service unicast-server time.nist.gov
domain cloud
 authorization-attribute idle-cut 30 10240
 authorization-attribute session-timeout 360
 authentication portal none
 authorization portal none
 accounting portal none
Configure the connection to the web server
portal web-server test
 url http://oasisauth.h3c.com/portal/protocol
 server-type oauth
Optimize authentication for Apple phones
portal web-server test
 captive-bypass ios optimize enable
 if-match user-agent CaptiveNetworkSupport redirect-url http://oasisauth.h3c.com/generate_404
 if-match user-agent Dalvik/2.1.0(Linux;U;Android7.0;HUAWEI redirect-url http://oasisauth.h3c.com/generate_404
 if-match original-url http://10.168.168.168 temp-pass
 if-match original-url http://captive.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol
 if-match original-url http://o2o.gtimg.com/wifi/echo temp-pass redirect-url http://oasisauth.h3c.com/generate_404
 if-match original-url http://www.apple.com user-agent Mozilla temp-pass redirect-url http://oasisauth.h3c.com/portal/protocol
The authentication page is served over HTTP (HTTPS is currently not supported)
[AC] portal local-web-server http
[AC] portal host-check enable
Configure the authentication-free rules
 portal client-gateway interface Vlan-interface999     (the service VLAN that is authenticated)
 portal free-rule 2346257224 destination open.weixin.qq.com
 portal free-rule 2346257225 destination ip any tcp 5223
 portal free-rule 2346257226 destination ip 114.114.114.114 255.255.255.255
 portal free-rule 2346257227 destination ip any udp 53
 portal free-rule 2346257228 destination ip any tcp 53
 portal free-rule 2346257229 destination oasisauth.h3c.com
 portal free-rule 2346257230 destination short.weixin.qq.com
 portal free-rule 2346257231 destination mp.weixin.qq.com
 portal free-rule 2346257232 destination long.weixin.qq.com
 portal free-rule 2346257233 destination dns.weixin.qq.com
 portal free-rule 2346257234 destination minorshort.weixin.qq.com
 portal free-rule 2346257235 destination extshort.weixin.qq.com
 portal free-rule 2346257236 destination szshort.weixin.qq.com
 portal free-rule 2346257237 destination szlong.weixin.qq.com
 portal free-rule 2346257238 destination szextshort.weixin.qq.com
 portal free-rule 2346257239 destination isdspeed.qq.com
 portal free-rule 2346257240 destination wx.qlogo.cn
 portal free-rule 2346257241 destination long.open.weixin.qq.com
 portal free-rule 2346257242 destination res.wx.qq.com
 portal free-rule 2346257243 destination wifi.weixin.qq.com
 portal safe-redirect enable
 portal safe-redirect user-agent Android
 portal safe-redirect user-agent CaptiveNetworkSupport
 portal safe-redirect user-agent MicroMessenger
 portal safe-redirect user-agent Mozilla
 portal safe-redirect user-agent WeChat
 portal safe-redirect user-agent micromessenger
# Configure the web service.
[AC] ip http enable
[AC] ip https enable
Then apply it to the wireless service template on the AC.
If it still does not work after configuration, restart the AC.
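
An added example (not part of the original post and not H3C's own tooling): a small Python audit that reads the free-rule and portal URL lines configured above and reports the rules that open a port to any destination before authentication, along with the cleartext portal URL. The regular expression covers only the rule forms that appear on this page; the function names and the sample text are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: a subset of the web-server and free-rule lines from this page.
SAMPLE_CONFIG = """\
portal web-server test
 url http://oasisauth.h3c.com/portal/protocol
 portal free-rule 2346257225 destination ip any tcp 5223
 portal free-rule 2346257226 destination ip 114.114.114.114 255.255.255.255
 portal free-rule 2346257227 destination ip any udp 53
 portal free-rule 2346257228 destination ip any tcp 53
 portal free-rule 2346257229 destination oasisauth.h3c.com
"""

RULE_RE = re.compile(
    r"^\s*portal free-rule (\d+) destination (?:ip (any|\S+ \S+)(?: (tcp|udp) (\d+))?|(\S+))\s*$"
)

def classify(line):
    """Return (rule_id, scope, detail) for a free-rule line, else None."""
    m = RULE_RE.match(line)
    if not m:
        return None
    rule_id, ip_part, proto, port, host = m.groups()
    if host:
        return rule_id, "hostname", host
    service = f"{proto}/{port}" if proto else "all"
    if ip_part == "any":
        return rule_id, "any-destination", service
    addr, mask = ip_part.split()
    net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    return rule_id, "single-host" if net.num_addresses == 1 else "subnet", f"{net} {service}"

def audit(config):
    """Collect findings: wildcard pre-auth destinations and cleartext portal URLs."""
    findings = []
    for line in config.splitlines():
        rule = classify(line)
        if rule and rule[1] == "any-destination":
            findings.append(f"free-rule {rule[0]}: any destination reachable pre-auth on {rule[2]}")
        elif line.strip().startswith("url http://"):
            findings.append(f"portal URL is cleartext HTTP: {line.strip()[4:]}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

On the sample it reports the portal URL and rules 2346257225, 2346257227 and 2346257228; the DNS rules can be compared against the single resolver 114.114.114.114 that rule 2346257226 already permits.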