Security

 View Only

Huawei OLT and ClearPass intergration

This thread has been viewed 3 times
  • 1.  Huawei OLT and ClearPass intergration

    Posted 6 days ago

    Dear,

    We want to  integrate a ClearPasse Guest with HUAWEI GPON solution (OLT: EA5800-X2, ONT:W626E-10) to provide Guest Access with Self Registration Portal. We set up the configuration of the  HUAWEI GPON solution and the diffrents services and portal pages on Clearpass.

    The redirection to  Self Registration Portal and the registration process is working fine but the login process is not working. In the documentation we found that the HUAWEI GPON use CHAP (not in http format) to recieve the user and password from the login page but Clearpass use HTTP POST method.

    Please, do anyone know if the two solutions are compatible and which modifications shoud be done to make this working ?

    You fine bellow the process of guest portal authentication on  HUAWEI GPON solution and attached Self registration Configuration on clearpass

    Best regrads

    HUAWEI GPON guest  authentication process

    1.       A user accesses the HTTPHTTPS service. The access device allows HTTPHTTPS packets destined for the portal server or specified authentication-free network resources to directly pass through.

    2.       Redirects to the portal authentication page. The access device redirects HTTPHTTPS packets destined for other addresses to the portal server.

    3.       Sends an authentication request to the portal server. The user sends an HTTPHTTPS authentication request, and the portal server provides a web page for the user to enter the user name and password for authentication.

    4.       Sends a portal authentication request to the access device. The portal server exchanges information with the access device to implement authentication using the Challenge Handshake Authentication Protocol (CHAP), encapsulates the user name and password into an authentication request packet, and sends the packet to the access device.

    5.       Sends an authentication request to the RADIUS server. The access device sends a RADIUS authentication request packet to the RADIUS server.

    6.       The RADIUS server returns the authentication result. The RADIUS server sends an authentication response packet to the access device.

    7.       The access device notifies the portal server of the authentication result. The portal server sends the authentication result to the client.

    8.       After the authentication succeeds, the user can access the HTTPHTTPS service.