139
1. The portal authentication server sends the online user information to the access device in a
synchronization packet at the user heartbeat interval, which is set on the portal authentication
server.
2. Upon receiving the synchronization packet, the access device compares the users carried in
the packet with its own user list. If a user contained in the packet does not exist on the access
device, the access device informs the portal authentication server to delete the user. The
access device starts the synchronization detection timer (timeout timeout) immediately when a
user logs in. If the user does not appear in any synchronization packet within a synchronization
detection interval, the access device considers the user does not exist on the portal
authentication server and logs the user out.
Portal user synchronization requires a portal authentication server to support the portal user
heartbeat function. Only the IMC portal authentication server supports the portal user heartbeat
function. To implement the portal user synchronization feature, you also need to configure the user
heartbeat function on the portal authentication server. Make sure the user heartbeat interval
configured on the portal authentication server is not greater than the synchronization detection
timeout configured on the access device.
Deleting a portal authentication server on the access device also deletes the user synchronization
configuration for the portal authentication server.
To configure portal user information synchronization:
1. Enter system view.
N/A
2.
authentication
server view.
portal server
server-name
N/A
3.
user
synchronization.
user-sync timeout
timeout
synchronization is disabled.
Configuring the portal fail-permit feature
Perform this task to configure the portal fail-permit feature on an interface. When the access device
detects that the portal authentication server or portal Web server is unreachable, it allows users on
the interface to have network access without portal authentication.
If you enable fail-permit for both a portal authentication server and a portal Web server on an
interface, the interface does the following:
• Disables portal authentication when either server is unreachable.
• Resumes portal authentication when both servers are reachable.
After portal authentication resumes, unauthenticated users must pass portal authentication to
access the network. Users who have passed portal authentication before the fail-permit event can
continue accessing the network.
To configure portal fail-permit:
1. Enter system view.
N/A
2. Enter interface view.
interface
interface-type
interface-number
N/A
3.
fail-permit for a portal
authentication server.
portal
[
ipv6
]
fail-permit server
server-name
By default, portal fail-
permit is
disabled for a portal
authentication server.
To Next Page
Loading...
Need help?
General