Configuring Portal User Information Synchronization - HP 10500 Series Configuration Manual

Sending a log—When the status of a portal server changes, the access device sends a log
message. The log message indicates the portal server name and the current state and original
state of the portal server.
Disabling portal authentication (enabling portal authentication bypass)—When the device
detects that a portal server is unreachable, it disables portal authentication on the interfaces
that use the portal server (allows all portal users on the interfaces to access network resources).
When the device receives from the portal server portal heartbeat packets or authentication
packets (such as logon requests and logout requests), it re-enables the portal authentication
function.
You can configure any combination of the configuration items described as needed, with respect to the
following:
• If both detection methods are specified, a portal server is regarded as unreachable as long as one
detection method fails. An unreachable portal server is regarded as recovered only when both
detection methods succeed.
If multiple actions are specified, the access device executes all specified actions when the status of
•
a portal server changes.
The detection function configured for a portal server takes effect on an interface only after you
•
enable portal authentication and reference the portal server on the interface.
To configure the portal server detection function:
Step
1. Enter system view.
2. Configure the portal
server detection
function.
The portal heartbeat detection method works only when the portal server supports the portal server
heartbeat function. Only the IMC portal server supports the portal server heartbeat function. To
implement detection with this method, you also need to configure the portal server heartbeat function on
the IMC portal server and make sure the product of interval and retry is greater than or equal to the
portal server heartbeat interval. HP recommends that you configure the interval to be greater than the
portal server heartbeat interval configured on the portal server.

Configuring portal user information synchronization

Once the device loses communication with a portal server, the portal user information on the device and
that on the portal server may be inconsistent after the communication resumes. To solve this problem, the
device provides the portal user information synchronization function. This function is implemented by
sending and detecting the portal synchronization packet. The process is as follows:
1. The portal server sends the online user information to the access device in a user synchronization
packet at the user heartbeat interval, which is set on the portal server.
2. Upon receiving the user synchronization packet, the access device checks the user information
carried in the packet with its own. If the device finds a nonexistent user in the packet, it informs the
portal server of the information and the portal server deletes the user. If the device finds that one
of its users does not appear in the user synchronization packets within N consecutive
synchronization probe intervals (N is equal to the value of retries configured in the portal server
Command
system-view
portal server server-name server-detect
method { http | portal-heartbeat } * action
{ log | permit-all } * [ interval interval ]
[ retry retries ]
140
Remarks
N/A
Not configured by default.
The portal server specified in the
command must exist.