Configuring Portal Detection Functions; Configuring The Portal Server Detection Function - HP 10500 Series Configuration Manual

Security configuration guide
Hide thumbs Also See for 10500 Series:
Table of Contents

Advertisement

Step
1.
Enter system view.
2.
Specify an auto redirection
URL for authenticated portal
users.
NOTE:
To use this feature for remote Layer 3 portal authentication, the portal server must be an IMC portal server
that supports the page auto-redirection function.

Configuring portal detection functions

This section describes the portal detection functions.

Configuring the portal server detection function

During portal authentication, if the communication between the access device and portal server is
broken, new portal users are not able to log on and the online portal users are not able to log off normally.
To address this problem, the access device must be able to detect the reachability changes of the portal
server quickly and take corresponding actions to deal with the changes. For example, after the access
device detects that the portal server is unreachable, it allows portal users to access network resources
without authentication. This function is referred to as "portal authentication bypass." It allows for flexible
user access control.
With the portal server detection function, the device can detect the status of a specific portal server. The
specific configurations include the following:
1.
Detection methods (you can choose either or both)
Probing HTTP connections—The access device periodically sends TCP connection requests to
the HTTP service port of the portal servers configured on its interfaces. If the TCP connection with
a portal server can be established, the access device considers that the probe succeeds (the
HTTP service of the portal server is open and the portal server is reachable). If the TCP
connection cannot be established, the access device considers that the probe fails and the
portal server is unreachable.
Probing portal heartbeat packets—A portal server that supports the portal heartbeat function
(only the IMC portal server supports this function) sends portal heartbeat packets to portal
access devices periodically. If an access device receives a portal heartbeat packet or an
authentication packet within a probe interval, the access device considers that the probe
succeeds and the portal server is reachable. Otherwise, it considers that the probe fails and the
portal server is unreachable.
2.
Probe parameters
Probe interval—Interval at which probe attempts are made.
Maximum number of probe attempts—Maximum number of consecutive probe attempts
allowed. If the number of consecutive probes reaches this value, the access device considers
that the portal server is unreachable.
3.
Actions to be taken when the server reachability status changes (you can choose one or more)
Command
system-view
portal redirect-url url-string
139
Remarks
N/A
By default, an authenticated user is
redirected to the URL the user typed
in the address bar before portal
authentication.

Advertisement

Table of Contents
loading

Table of Contents