Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
iv
Configuring portal authentication ·························································································································· 147
Feature and hardware compatibility ·························································································································· 147
Overview ······································································································································································· 147
Extended portal functions ··································································································································· 147
Portal system components ··································································································································· 148
Portal system using the local portal server ········································································································ 149
Portal authentication modes ······························································································································· 150
Portal support for EAP ········································································································································· 151
Layer 3 portal authentication process ··············································································································· 152
Portal configuration task list ········································································································································ 155
Configuration prerequisites ········································································································································· 156
Specifying the portal server for Layer 3 portal authentication ················································································ 156
Configuring the local portal server ···························································································································· 157
Customizing authentication pages ···················································································································· 157
Configuring the protocol type and welcome banner for the local portal server ·········································· 160
Enabling Layer 3 portal authentication ······················································································································ 161
Configuration prerequisites ································································································································ 161
Configuration guidelines ···································································································································· 161
Configuration procedure ···································································································································· 162
Controlling access of portal users ······························································································································ 162
Configuring a portal-free rule····························································································································· 162
Configuring an authentication source subnet ··································································································· 163
Setting the maximum number of online portal users ························································································ 163
Specifying a portal authentication domain ······································································································ 163
Configuring RADIUS related attributes ······················································································································ 164
Specifying NAS-Port-Type for an interface ······································································································· 164
Specifying the NAS-Port-ID for an interface ····································································································· 164
Specifying a NAS ID profile for an interface ··································································································· 165
Specifying a source IP address for outgoing portal packets ··················································································· 165
Specifying an autoredirection URL for authenticated portal users ·········································································· 166
Configuring portal detection functions ······················································································································· 166
Configuring online Layer 3 portal user detection ···························································································· 166
Configuring the portal server detection function ······························································································ 167
Configuring portal user information synchronization ······················································································ 168
Logging off portal users ··············································································································································· 169
Displaying and maintaining portal ···························································································································· 170
Portal configuration examples ···································································································································· 170
Configuring direct portal authentication ··········································································································· 170
Configuring re-DHCP portal authentication ······································································································ 173
Configuring cross-subnet portal authentication ································································································ 175
Configuring direct portal authentication with extended functions·································································· 176
Configuring re-DHCP portal authentication with extended functions ···························································· 178
Configuring cross-subnet portal authentication with extended functions ······················································· 181
Configuring portal server detection and portal user information synchronization ······································· 183
Troubleshooting portal ················································································································································· 185
Inconsistent keys on the access device and the portal server ········································································· 185
Incorrect server port number on the access device ·························································································· 186
Configuring AAA ···················································································································································· 187
Overview ······································································································································································· 187
RADIUS ································································································································································· 188
HWTACACS ························································································································································ 193
Domain-based user management ······················································································································ 195
AAA for VPNs ······················································································································································ 197
Protocols and standards ····································································································································· 197