Specifying The Portal Server; Specifying The Local Portal Server For Layer 2 Portal Authentication - HP 3600 v2 Series Configuration Manual

With re-DHCP authentication, the IP address check function of the DHCP relay agent is enabled on
•
the access device, and the DHCP server is installed and configured properly.
The portal client, access device, and servers can reach each other.
•
With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS
•
server, and the RADIUS client configurations are performed on the access device. For information
about RADIUS client configuration, see
To implement extended portal functions, install and configure IMC EAD, and make sure that the
•
ACLs configured on the access device correspond to those specified for the resources in the
quarantined area and for the restricted resources on the security policy server. For information
about security policy server configuration on the access device, see
For installation and configuration about the security policy server, see IMC EAD Security Policy Help.
The ACL for resources in the quarantined area and that for restricted resources correspond to isolation
ACL and security ACL, respectively, on the security policy server.
You can modify the authorized ACLs on the access device. However, your changes take effect only for
portal users logging on after the modification.
For portal authentication to work normally, make sure that the system name of the access device is no
more than 16 characters.

Specifying the portal server

Specifying the local portal server for Layer 2 portal
authentication
Layer 2 portal authentication uses the local portal server. Specify the IP address of a Layer 3 interface on
the device that is routable to the portal client as the listening IP address of the local portal server. HP
recommends using the IP address of a loopback interface rather than a physical Layer 3 interface,
because:
• The status of a loopback interface is stable. There will be no authentication page access failures
caused by interface failures.
A loopback interface does not forward received packets to any network, avoiding impact on system
•
performance when there are many network access requests.
To specify the local portal server for Layer 2 portal authentication:
Step
1. Enter system view.
2. Specify the listening IP
address of the local portal
server for Layer 2 portal
authentication.
NOTE:
The specified listening IP address can be changed or deleted only if Layer 2 portal authentication is not
enabled on any port.
"Configuring
Command
system-view
portal local-server ip ip-address
135
AAA."
"Configuring
Remarks
N/A
By default, no listening IP address
is specified.
AAA."