Enabling Arp Or Nd Entry Conversion For Portal Clients; Configuring Https Redirect - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Step
2.
Create a local portal Web
server and enter its view.
3.
Specify the default
authentication page file for
the local portal Web server.
4.
(Optional.) Configure the
listening TCP port for the
local portal Web server.
Enabling ARP or ND entry conversion for portal
clients
This feature converts the ARP or ND entries to Rule ARP or ND entries for portal users. Rule ARP or
ND entries will not be aged and they will be deleted immediately when the portal users go offline.
When this feature is disabled, ARP or ND entries for portal users are dynamic entries and will be
aged out when their respective aging timers expire. Rule ARP or ND entries created before the
feature is disabled still exist until the portal users go offline.
This feature is enabled by default. If a user logs out and then tries to get online before the ARP or ND
entry is relearned for the user, the user will fail the authentication. Therefore, in scenarios where
portal users might get online and offline frequently in a short time, disable this feature to avoid
immediate deletion of the ARP or ND entries when users go offline.
Enabling or disabling of this feature takes effect only on portal users who pass authentication after
the feature is enabled or disabled.
To configure ARP or ND entry conversion for portal clients:
Step
1.
Enter system view.
2.
Enable ARP or ND entry
conversion for portal clients.
3.
Disable ARP or ND entry
conversion for portal clients.
Configuring HTTPS redirect
The device can redirect HTTPS requests to the portal Web server for portal authentication. During
SSL connection establishment, the user browser might display a message that it cannot verify server
identity by certificate. For users to perform portal authentication without checking such a message,
configure an SSL server policy to request a client-trusted certificate on the device. The name of the
policy must be https_redirect. For information about SSL server policy configuration, see
"Configuring SSL." For information about certificate request, see "Configuring PKI."
To configure HTTPS redirect:
Command
portal local-web-server { http |
https ssl-server-policy
policy-name }
default-logon-page filename
tcp-port port-number
Command
system-view
portal refresh { arp | nd } enable
undo portal refresh { arp | nd }
enable
180
Remarks
By default, no local portal Web
servers exist.
By default, no default
authentication page file is
specified for the local portal Web
server.
By default, the HTTP service
listening port number is 80 and the
HTTPS service listening port
number is 443.
Remarks
N/A
By default, ARP or ND entry
conversion is enabled for portal
clients.
By default, ARP or ND entry
conversion is enabled for portal
clients.
Advertisement
Table of Contents
Troubleshooting
