Configuring Portal Server Detection And Portal User Synchronization - HPE FlexNetwork 10500 Series Security Configuration Manual

Username: abc
Portal server: newpt
State: Online
VPN instance: N/A
MAC
0000-0000-0000
Authorization information:
DHCP IP pool: N/A
ACL: 3001
CAR: N/A
Configuring portal server detection and portal user
synchronization
Network requirements
As shown in
assigned a public IP address either manually or through DHCP. A portal server acts as both a portal
authentication
authentication/accounting server.
•
Configure direct portal authentication on the switch, so the host can access only the portal
server before passing the authentication and access other network resources after passing the
authentication.
•
Configure the switch to detect the reachability state of the portal authentication server, send log
messages upon state changes, and disable portal authentication when the authentication
server is unreachable.
•
Configure the switch to synchronize portal user information with the portal server periodically.
Figure 67 Network diagram
Host
2.2.2.2/24
Gateway: 2.2.2.1/24
Configuration prerequisites and guidelines
•
Configure IP addresses for the switch and servers as shown in
host, switch, and servers can reach each other.
•
Configure the RADIUS server correctly to provide authentication and accounting functions.
•
Configure the portal authentication server. Be sure to enable the server heartbeat function and
the user heartbeat function.
•
Configure the switch (access device) as follows:
Configure direct portal authentication on VLAN-interface 100, the interface to which the host

is connected.
IP
8.8.8.2
Figure 67, the host is directly connected to the switch (the access device). The host is
server and a
Vlan-int100
Vlan-int2
2.2.2.1/24
192.168.0.100/24
Switch
VLAN Interface
4 Vlan-interface4
portal Web server.
Portal server
192.168.0.111/24
RADIUS server
192.168.0.112/24
223
A RADIUS server
Figure 67 and make sure the
acts as the