Manualshelf

R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
919293949596979899100
91
Portal configuration task list
Complete these tasks to configure portal authentication:
Task Remarks
Basic portal configuration Required
Configuring a portal-free rule Optional
Configuring an authentication subnet Optional
Specifying the source IP address for outgoing portal packets Optional
Logging out users Optional
Specifying an authentication domain for portal users Optional
Specifying the NAS ID value carried in a RADIUS request Optional
Specifying a NAS ID profile for an interface Optional
Setting the maximum number of online portal users Optional
Basic portal configuration
Configuration prerequisites
The portal feature provides a solution for user identity authentication and security check. However, the
portal feature cannot implement this solution by itself. RADIUS authentication must be configured on the
access device to cooperate with the portal feature to complete user authentication.
Before configuring portal authentication, complete the following tasks:
Configure IP addresses for the portal-enabled interfaces of the access device, or configure them to
obtain IP addresses from the DHCP server.
The portal-enabled interfaces do not belong to any aggregation group.
The portal server and the RADIUS server have been installed and configured properly.
With re-DHCP authentication, the invalid IP address check function of DHCP relay is enabled on the
access device, and the DHCP server is installed and configured properly.
With RADIUS authentication, usernames and passwords of the users are configured on the RADIUS
server, and the RADIUS client configurations are performed on the access device.
To implement extended portal functions, install and configure the security policy server, and ensure
that the ACLs configured on the access device correspond to security ACLs and isolation ACLs
configured on the security policy server.
NOTE:
The ACL for resources in the quarantined area and that for restricted resources correspond to isolation
ACL and security ACL on the security policy server respectively.
You can modify the authorized ACL on the access device. However, your changes take effect only for
portal users logging on after the modification.