330
# Configure domain dm1 as the default ISP domain for all users. Then, if a user enters a
username without any ISP domain at logon, the authentication and accounting methods of the
default domain are used for the user.
[Router] domain default enable dm1
3. Configure portal authentication:
# Configure a portal server on the router, specifying the portal server name as newpt, IP
address as 192.168.0.111, key as plaintext string portal, port number as 50100, and URL as
http://192.168.0.111:8080/portal.
[Router] portal server newpt ip 192.168.0.111 key simple portal port 50100 url
http://192.168.0.111:8080/portal
# Enable portal authentication on the interface connecting the host.
[Router] interface ethernet 1/2
[Router–Ethernet1/2] portal server newpt method direct
[Router–Ethernet1/2] quit
4. Configure the portal server detection function:
# Configure the access device to detect portal server newpt, specifying the detection method
as portal heartbeat probe, setting the server probe interval to 40 seconds, and specifying the
access device to send a server unreachable trap message and disable portal authentication to
permit unauthenticated portal users if two consecutive probes fail.
[Router] portal server newpt server-detect method portal-heartbeat action trap
permit-all interval 40 retry 2
The product of interval and retry must be greater than or equal to the portal server heartbeat
interval, and Hewlett Packard Enterprise recommends configuring the interval to be greater
than the portal server heartbeat interval configured on the portal server.
5. Configure portal user information synchronization:
# Configure the access device to synchronize portal user information with portal server newpt,
setting the synchronization probe interval to 600 seconds, and specifying the access device to
log off users if the users do not appear in the user synchronization packets sent from the server
within two consecutive probe intervals.
[Router] portal server newpt user-sync interval 600 retry 2
The product of interval and retry must be greater than or equal to the portal user heartbeat
interval, and Hewlett Packard Enterprise recommends configuring the interval to be greater
than the portal user heartbeat interval configured on the portal server.
Verifying the configuration
Use the following command to view information about the portal server.
<Router> display portal server newpt
Portal server:
1)newpt:
IP : 192.168.0.111
Key : ******
Port : 50100
URL : http://192.168.0.111:8080/portal
Status : Up
The Up state of the portal server indicates that the portal server is reachable. If the access device
detects that the portal server is unreachable, you can see the portal server status is Down in the
output, and the access device generates a server unreachable trap "portal server newpt lost" and
disables portal authentication on the access interface, so the client can access the external network
without authentication.
To Next Page
Loading...
Need help?
General
