Configuring Portal Server Detection And Portal User Information Synchronization - HP 6600 Security Configuration Manual

ACL:NONE
Work-mode: primary
VPN instance:NONE
MAC
---------------------------------------------------------------------
000d-88f8-0eac
Total 1 user(s) matched, 1 listed.
[RouterB] display portal user all
Index:2
State:ONLINE
SubState:NONE
ACL:NONE
Work-mode: secondary
VPN instance:NONE
MAC
---------------------------------------------------------------------
000d-88f8-0eac
Total 1 user(s) matched, 1 listed.
The output shows that both Router A and Router B has the user's information. The user's working mode
on Router A is primary, and that on Router B is secondary, which indicate that the user logged in through
Router A and the user information on Router B was synchronized from Router A.
Configuring portal server detection and portal user information
synchronization
Network requirements
As shown in
authentication
authentication/authorization server.
Detailed requirements are as follows:
The host is assigned with a public network IP address either manually or through DHCP. Before
•
passing portal authentication, the host can access only the portal server. After passing portal
authentication, the host can access the Internet.
The access device (Router) can detect whether the portal server is reachable and send trap
•
messages upon state changes. When the portal server is unreachable due to, for example, a
connection failure, network device failure, or portal server failure, the access device can disable
portal authentication, allowing users to access the Internet without authentication.
The access device can synchronize portal user information with the portal server periodically.
•
IP
9.9.1.2
IP
9.9.1.2
Figure 69, a host is directly connected to a router (the access device) and must pass portal
before it can
Vlan Interface
0 GigabitEthernet0/0/1
Vlan Interface
0 GigabitEthernet0/0/1
access the Internet.
169
A RADIUS server serves as the