Configuring The Web Authentication Server; Enabling Web Authentication - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
•
The RADIUS server has been installed and configured properly.
•
The authentication client, access device, and RADIUS server can reach each other.
•
The local portal Web server has been configured and can provide Web authentication pages.
For more information about the local portal Web server configuration, see "Configuring portal
authentication".
•
Usernames and passwords of the users are configured on the RADIUS server. The RADIUS
client configuration is performed on the access device. For information about the RADIUS client
configuration, see "Configuring AAA."
Configuring the Web authentication server
Perform this task to configure the IP address listened by the Web authentication server, redirection
URL, and parameters carried in redirection URL.
Specify the IP address of a Layer 3 interface on the device that is routable to the Web client as the
listening IP address of the Web authentication server. As a best practice, use the IP address of a
loopback interface rather than that of a Layer 3 interface. A loopback interface has the following
advantages:
•
The status of a loopback interface is stable. There will be no authentication page access
failures caused by interface failures.
•
A loopback interface does not forward received packets to any networks, avoiding impact on
system performances when there are many network access requests.
The IP address and port number of the Web authentication server must be the same as those in the
redirection URL. Additionally, the port number of the Web authentication server must be the same as
the listening port of the local portal Web server.
To configure the Web authentication server:
Step
1.
Enter system view.
2.
Create a Web authentication
server and enter its view.
3.
Specify the redirection URL
for the Web authentication
server.
4.
Specify the IP address and
port number for the Web
authentication server.
5.
Configure the parameters to
be carried in the redirection
URL of the Web
authentication server.
Enabling Web authentication
For Web authentication to operate correctly, do not enable port security or configure the port security
mode on the Layer 2 Ethernet interface enabled with Web authentication.
To enable Web authentication:
Command
system-view
web-auth server server-name
url url-string
ip ipv4-address port port-number
url-parameter parameter-name
{ original-url | source-address |
source-mac | value expression }
503
Remarks
N/A
By default, no Web authentication
servers exist.
By default, no redirection URL is
specified for a Web authentication
server.
By default, no IP address or port
number is specified for a Web
authentication server.
By default, no parameters are
configured to be carried in the
redirection URL of a Web
authentication server.
Advertisement
Table of Contents
Troubleshooting
