Enabling Portal Authentication; Configuration Restrictions And Guidelines - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
To configure a portal Web server:
Step
1.
Enter system view.
2.
Create a portal Web server
and enter its view.
3.
Specify the VPN instance to
which the portal Web server
belongs.
4.
Specify the URL of the portal
Web server.
5.
Configure the parameters to
be carried in the URL when
the device redirects it to
users.
6.
(Optional.) Specify the portal
Web server type.
7.
(Optional.) Enable the
captive-pass feature.
8.
(Optional.) Configure a
match rule for URL
redirection.
Enabling portal authentication
You must first enable portal authentication on an access interface before it can perform portal
authentication for connected clients.
With portal authentication enabled, the device searches for a portal authentication server for a
received portal packet according to the source IP address and VPN information of the packet.
•
If the packet matches a locally configured portal authentication server, the device regards the
packet valid and sends an authentication response packet to the portal authentication server.
After a user logs in to the device, the user interacts with the portal authentication server as
needed.
•
If the packet does not match a portal authentication server, the device drops the packet.
Configuration restrictions and guidelines
When you enable portal authentication on an interface, follow these restrictions and guidelines:
•
Make sure the interface has a valid IP address before you enable re-DHCP portal
authentication on the interface.
•
Do not add the Ethernet interface enabled with portal authentication to an aggregation group.
Otherwise, portal authentication does not take effect.
Command
system-view
portal web-server server-name
vpn-instance vpn-instance-name
url url-string
url-parameter param-name
{ nas-id | nas-port-id |
original-url | source-address |
source-mac [ encryption { aes |
des } key { cipher | simple }
string ] | value expression }
server-type imc
captive-bypass enable
if-match { original-url url-string
redirect-url url-string
[ url-param-encryption { aes |
des } key { cipher | simple }
string ] | user-agent string
redirect-url url-string }
161
Remarks
N/A
By default, no portal Web servers
exist.
By default, the portal Web server
belongs to the public network.
By default, no URL is specified.
By default, no redirection URL
parameters are configured.
By default, the portal Web server
type is IMC.
By default, the captive-bypass
feature is disabled. The device
automatically pushes the portal
authentication page to the iOS
devices and some Android
devices when they are connected
to the network.
By default, no URL redirection
match rules exist.
Advertisement
Table of Contents
Troubleshooting
