Configuring The Portal Fail-Permit Function; Configuring Bas-Ip For Unsolicited Portal Packets Sent To The Portal Authentication Server - HP MSR2000 Configuration Manual
Hide thumbs
Also See for MSR2000:
- Configuration manual (455 pages) ,
- Manual (73 pages) ,
- High availability configuration manual (91 pages)
Table of Contents
Advertisement
Step
2.
Enter portal
authentication server
view.
3.
Configure the portal
user synchronization
function.
Configuring the portal fail-permit function
Perform this task to configure the portal fail-permit function on an interface. When the access device
detects that the portal authentication server is unreachable, it allows users on the interface to have
network access without portal authentication.
If you enable fail-permit for both a portal authentication server and a portal Web server on an interface,
the interface disables portal authentication when either server is unreachable and resumes portal
authentication when both servers are reachable. After portal authentication resumes, unauthenticated
users must pass portal authentication to access the network. Users who have passed portal authentication
before the fail-permit event can continue accessing the network.
To configure portal fail-permit:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Enable portal
fail-permit for a portal
authentication server.
4.
Enable portal
fail-permit for a portal
Web server.
Configuring BAS-IP for unsolicited portal packets
sent to the portal authentication server
If the device runs Portal 2.0, the unsolicited packets sent to the portal authentication server must carry the
BAS-IP attribute. If the device runs Portal 3.0, the unsolicited packets sent to the portal authentication
server must carry the BAS-IP or BAS-IPv6 attribute.
If IPv4 portal authentication is enabled on an interface, you can configure the BAS-IP attribute on the
interface. If IPv6 portal authentication is enabled on an interface, you can configure the BAS-IPv6
attribute on the interface.
If you configure the BAS-IP or BAS-IPv6 attribute on an interface, the device uses the configured BAS-IP
or BAS-IPv6 address as the source IP address of the portal notifications sent from the interface to the
portal authentication server. Otherwise, the source IP address is the IP address of the interface.
Command
portal server server-name
user-sync timeout timeout
Command
system-view
interface interface-type interface-number
portal [ ipv6 ] fail-permit server
server-name
portal [ ipv6 ] apply web-server
server-name fail-permit
309
Remarks
N/A
By default, portal user
synchronization is disabled.
Remarks
N/A
N/A
By default, portal fail-permit is
disabled for a portal
authentication server.
By default, portal fail-permit is
disabled for a portal Web server.
Advertisement
Table of Contents
Troubleshooting
