Table of Contents
Advertisement
Prerequisites for portal
The portal feature provides a solution for user identity authentication and security check. To
complete user identity authentication, portal must cooperate with RADIUS.
The prerequisites for portal authentication configuration are as follows:
•
The portal authentication server, portal Web server, and RADIUS server have been installed
and configured correctly.
•
To use the re-DHCP portal authentication mode, make sure the DHCP relay agent is enabled
on the access device, and the DHCP server is installed and configured correctly.
•
The portal client, access device, and servers can reach each other.
•
To use the remote RADIUS server, configure usernames and passwords on the RADIUS server,
and configure the RADIUS client on the access device. For information about RADIUS client
configuration, see
•
To implement extended portal functions, install and configure CAMS EAD or IMC EAD. Make
sure the ACLs configured on the access device correspond to the isolation ACL and the
security ACL on the security policy server. For information about security policy server
configuration on the access device, see
about the security policy server, see CAMS EAD Security Policy Component User Manual or
IMC EAD Security Policy Help.
Configuring a portal authentication server
Configure this feature when user authentication uses a remote portal authentication server.
With portal authentication enabled, the device searches for a portal authentication server for a
received portal request packet according to the source IP address and VPN information of the
packet.
•
If a matching portal authentication server is found, the device regards the packet valid and
sends an authentication response packet to the portal authentication server. After a user logs in
to the device, the user interacts with the portal authentication server as needed.
•
If no matching portal authentication server is found, the device drops the packet.
To configure a portal authentication server:
Step
1.
Enter system view.
2.
Create a portal
authentication server, and
enter its view.
3.
Specify the IP address of
the portal authentication
server.
"Configuring
AAA."
"Configuring
Command
system-view
portal server server-name
•
To specify an IPv4 portal server:
ip ipv4-address [ vpn-instance
ipv4-vpn-instance-name] [ key
{ cipher | simple } string ]
•
To specify an IPv6 portal server:
ipv6 ipv6-address [ vpn-instance
ipv6-vpn-instance-name] [ key
{ cipher | simple } string ]
302
AAA." For installation and configuration
Remarks
N/A
By default, no portal
authentication servers exist.
You can create multiple portal
authentication servers.
Do not delete a portal
authentication server in use.
Otherwise, users
authenticated by that server
cannot log out correctly.
Specify an IPv4 portal
authentication server or an
IPv6 authentication portal
server.
By default, no portal
authentication server is
specified.
Advertisement
Table of Contents
Troubleshooting
