11.
After receiving the IP change notification packets sent by the client and the access device, the
portal authentication server notifies the client of login success.
12.
The portal authentication server sends an IP change acknowledgment packet to the access device.
Step 13 and step 14 are for extended portal functions.
13.
The client and the security policy server exchanges security check information. The security policy
server detects whether or not the user host installs anti-virus software, virus definition files,
unauthorized software, and operating system patches.
14.
The security policy server authorizes the user to access certain network resources based on the
check result. The access device saves the authorization information and uses it to control access of
the user.
Portal configuration task list
Tasks at a glance
(Required.)
(Required.)
(Required.)
(Required.)
(Optional.)
•
Configuring a portal-free rule
•
Configuring an authentication source subnet
•
Configuring an authentication destination subnet
•
Setting the maximum number of portal users
•
Specifying a portal authentication domain
(Optional.)
•
Configuring online detection of portal users
•
Configuring portal authentication server detection
•
Configuring portal Web server detection
•
Configuring portal user synchronization
(Optional.)
(Optional.)
(Optional.)
(Optional.)
(Optional.)
Configuration prerequisites
The portal feature provides a solution for user identity authentication and security check. To complete
user identity authentication, portal must cooperate with RADIUS.
The prerequisites for portal authentication configuration are as follows:
Configuring a portal authentication server
Configuring a portal Web server
Enabling portal authentication on an interface
Referencing a portal Web server for an interface
Controlling portal user access
Configuring portal detection features
Configuring the portal fail-permit feature
Configuring BAS-IP for unsolicited portal packets sent to the portal authentication server
Applying a NAS-ID profile to an interface
Enabling portal roaming
Logging out portal users
123