Configuring Portal Server Detection And Portal User Information Synchronization - HP 10500 Series Configuration Manual

[SwitchA-acl-adv-3000] rule deny ip
[SwitchA-acl-adv-3000] quit
[SwitchA] acl number 3001
[SwitchA-acl-adv-3001] rule permit ip
[SwitchA-acl-adv-3001] quit
4. Configure portal authentication:
# Configure the portal server as follows:
Name: newpt
IP address: 192.168.0.1 1 1
Key: portal, in plain text
Port number: 50100
URL: http://192.168.0.1 1 1:8080/portal.
[SwitchA] portal server newpt ip 192.168.0.111 key simple portal port 50100 url
http://192.168.0.111:8080/portal
# Enable portal authentication on the interface connecting Switch B.
[SwitchA] interface vlan-interface 4
[SwitchA–Vlan-interface4] portal server newpt method layer3
[SwitchA–Vlan-interface4] quit
On Switch B, configure a default route to subnet 192.168.0.0/24, setting the next hop as 20.20.20.1.
(Details not shown.)
Configuring portal server detection and portal user information
synchronization
Network requirements
As shown in
authentication
authentication/accounting server.
Detailed requirements are as follows:
The host is assigned with a public network IP address either manually or through DHCP. Before
•
passing portal authentication, the host can access only the portal server. After passing portal
authentication, the host can access the Internet.
• The access device (Switch) can detect whether the portal server is reachable and send log
messages upon state changes. When the portal server is unreachable due to, for example, a
connection failure, network device failure, or portal server failure, the access device can disable
portal authentication, allowing users to access the Internet without authentication.
The access device can synchronize portal user information with the portal server periodically.
•
Figure 66, a host is directly connected to a switch (the access device) and must pass portal
before it can access the Internet.
157
A RADIUS server serves as the