Configuration Prerequisites; Configuring A Portal Authentication Server - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Tasks at a glance
Web redirect does not work when both Web redirect and portal authentication are enabled.
(Optional.)
Applying a NAS-ID profile to an interface
(Optional.)
Configuring the local portal Web server feature
(Optional.)
Enabling ARP or ND entry conversion for portal clients
(Optional.)
Configuring HTTPS redirect
(Optional.)
Configuring MAC-based quick portal authentication
(Optional.)
Enabling logging for user logins and logouts
Configuration prerequisites
The portal feature provides a solution for user identity authentication and security check. To
complete user identity authentication, portal must cooperate with RADIUS.
The prerequisites for portal authentication configuration are as follows:
•
The portal authentication server, portal Web server, and RADIUS server have been installed
and configured correctly.
•
To use the re-DHCP portal authentication mode, make sure the DHCP relay agent is enabled
on the access device, and the DHCP server is installed and configured correctly.
•
The portal client, access device, and servers can reach each other.
•
To use the remote RADIUS server, configure usernames and passwords on the RADIUS server,
and configure the RADIUS client on the access device. For information about RADIUS client
configuration, see "Configuring AAA."
•
To implement extended portal functions, install and configure IMC EAD. Make sure the ACLs
configured on the access device correspond to the isolation ACL and the security ACL on the
security policy server.
To avoid user login failure, do not specify a source IP address or source MAC address when
you configure a rule in the ACLs used by the security policy server.
For information about security policy server configuration on the access device, see
"Configuring AAA." For installation and configuration about the security policy server, see IMC
EAD Security Policy Help.
Configuring a portal authentication server
Configure this feature when user authentication uses an external portal authentication server.
Perform this task to configure the following portal authentication server parameters:
•
IP address of the portal authentication server.
•
VPN instance of the portal authentication server.
•
Shared encryption key used between the device and the portal authentication server.
•
Destination UDP port number used by the device to send unsolicited portal packets to the portal
authentication server.
•
Portal authentication server type, which must be the same as the server type the device actually
uses.
The device supports multiple portal authentication servers.
159
Advertisement
Table of Contents
Troubleshooting
