viii
Configuring portal detection functions ············································································································ 306
Configuring online Layer 2 portal user detection ···················································································· 306
Configuring online Layer 3 portal user detection ···················································································· 307
Configuring the portal server detection function ····················································································· 307
Configuring portal user information synchronization ·············································································· 308
Logging off portal users ································································································································· 309
Including the MAC address parameter in the redirection URL ······································································· 309
Configuring mandatory Web page pushing ···································································································· 310
Displaying and maintaining portal ·················································································································· 311
Portal configuration examples ························································································································ 312
Configuring direct portal authentication ·································································································· 312
Configuring re-DHCP portal authentication ···························································································· 316
Configuring cross-subnet portal authentication ······················································································ 318
Configuring direct portal authentication with extended functions ··························································· 320
Configuring re-DHCP portal authentication with extended functions ····················································· 321
Configuring cross-subnet portal authentication with extended functions ··············································· 324
Configuring portal server detection and portal user information synchronization ·································· 326
Cross-subnet portal authentication across VPNs ··················································································· 331
Troubleshooting portal ··································································································································· 333
Inconsistent keys on the access device and the portal server ······························································· 333
Incorrect server port number on the access device ··············································································· 333
Configuring firewall ····················································································· 334
Overview ························································································································································ 334
ACL based packet-filter ·························································································································· 334
ASPF ······················································································································································ 335
Configuring a packet-filter firewall ·················································································································· 338
Packet-filter firewall configuration task list ····························································································· 338
Enabling the firewall function ················································································································· 338
Configuring the default filtering action of the firewall·············································································· 338
Enabling fragment inspection ················································································································· 339
Configuring the high and low thresholds for fragment inspection ·························································· 339
Configuring packet filtering on an interface ···························································································· 340
Configuring Ethernet frame filtering ······································································································· 341
Displaying and maintaining a packet-filter firewall ················································································· 341
Packet-filter firewall configuration example ···························································································· 342
Configuring an ASPF ····································································································································· 343
ASPF configuration task list ··················································································································· 343
Enabling the firewall function ················································································································· 344
Configuring an ASPF policy ··················································································································· 344
Applying an ASPF policy to an interface ································································································ 344
Enabling the session logging function for ASPF ···················································································· 345
Configuring port mapping ······················································································································· 345
Displaying and maintaining ASPF ·········································································································· 346
ASPF configuration example ·················································································································· 346
Configuring SSH ························································································· 348
Overview ························································································································································ 348
How SSH works ····································································································································· 348
SSH authentication methods ·················································································································· 349
SSH support for MPLS L3VPN ·············································································································· 350
FIPS compliance ············································································································································ 350
Configuring the device as an SSH server ······································································································ 351
SSH server configuration task list ·········································································································· 351
Generating local DSA or RSA key pairs ································································································· 351
Enabling the SSH server function ·········································································································· 352
Enabling the SFTP server function ········································································································ 352
Configuring the user interfaces for SSH clients ····················································································· 352
Configuring a client's host public key ····································································································· 353
Configuring an SSH user ······················································································································· 354
Setting the SSH management parameters ···························································································· 355
Configuring the device as an Stelnet client ···································································································· 356
To Next Page
Loading...
