Configuring Portal Web Server Detection; Configuring Portal User Synchronization - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Configuring portal Web server detection
A portal authentication process cannot complete if the communication between the access device
and the portal Web server is broken. To address this problem, you can enable portal Web server
detection on the access device.
With the portal Web server detection feature, the access device simulates a Web access process to
initiate a TCP connection to the portal Web server. If the TCP connection can be established
successfully, the access device considers the detection successful, and the portal Web server is
reachable. Otherwise, it considers the detection to have failed. Portal authentication status on
interfaces of the access device does not affect the portal Web server detection feature.
You can configure the following detection parameters:
•
Detection interval—Interval at which the device detects the server reachability.
•
Maximum number of consecutive failures—If the number of consecutive detection failures
reaches this value, the access device considers that the portal Web server is unreachable.
You can configure the device to take one or more of the following actions when the server
reachability status changes:
•
Sending a trap message to the NMS. The trap message contains the name and current state of
the portal Web server.
•
Sending a log message, which contains the name, the current state, and the original state of the
portal Web server.
•
Enabling portal fail-permit. When the portal Web server is unreachable, the portal fail-permit
feature on an interface allows users on the interface to have network access. When the server
recovers, it resumes portal authentication on the interface. For more information, see
"Configuring the portal fail-permit
To configure portal Web server detection:
Step
1.
Enter system view.
2.
Enter portal Web
server view.
3.
Configure portal
Web server
detection.
Configuring portal user synchronization
Once the access device loses communication with a portal authentication server, the portal user
information on the access device and that on the portal authentication server might be inconsistent
after the communication resumes. To address this problem, the device provides the portal user
synchronization feature. This feature is implemented by sending and detecting portal
synchronization packets, as follows:
1.
The portal authentication server sends the online user information to the access device in a
synchronization packet at the user heartbeat interval.
The user heartbeat interval is set on the portal authentication server.
2.
Upon receiving the synchronization packet, the access device compares the users carried in
the packet with its own user list and performs the following operations:
feature."
Command
system-view
portal web-server server-name
server-detect [ interval interval ] [ retry
retries ] { log | trap } *
172
Remarks
N/A
N/A
By default, portal Web server
detection is disabled.
This feature takes effect regardless
of whether portal authentication is
enabled on an interface or not.
Advertisement
Table of Contents
Troubleshooting
