Table of Contents
Advertisement
3Com Router 3000 Ethernet Family
Configuration Guide
The access device communicates with the authentication/accounting server to
perform authentication and accounting. The access device in this manual refers to
a 3Com router.
Portal server: A web server, which can be accessed using a standard web browser.
The portal server provides free portal services and the web-based authentication
interface. The access device and the portal server interact to authenticate the
clients. Internet content providers (ICPs) can use portal servers to provide users
with services such as information inquiry and online shopping.
Authentication/Accounting server: Performs user authentication and accounting.
The access device and the authentication/accounting server communicate with
each other through the remote authentication dial-in user service (RADIUS)
protocol.
Caution:
With portal services, no network address translation (NAT) devices can exist among
authentication clients, access device, portal server, and authentication/accounting
server.
Currently, only RADIUS servers can be configured as authentication/accounting
servers. TACACS authentication/accounting servers and local authentication do not
support portal services.
3.1.3 Portal Authentication Procedures
On a 3Com router, the procedures for normal portal authentication are as follows:
When receiving the first HTTP packet from a user logging in, the router determines
whether this user is a portal user. If yes, the router only allows the user to access
the contents of the specified websites (portal servers and the predefined free
access addresses).
When receiving HTTP packets for access to other sites from a portal user, the
router redirects the packets to the portal server by TCP spoofing.
The portal server provides web pages for the user to enter the user name and
password, which are then forwarded to the router.
The router sends the user name and password to the RADIUS server for
authentication. Upon successful RADIUS authentication, the user is allowed to
access the Internet. From then on, the router no longer redirects HTTP packets
from the user.
With fast portal authentication, a user is also redirected to the portal server when
opening a web page. However, the user only needs to click the connection button,
3Com Corporation
3-2
Chapter 3 Portal Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
