Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
121122123124125126127128129130
121
Ste
p
Command
Remarks
2. Set the maximum number of
online portal users.
portal max-user max-number
By default, the maximum number of
portal users allowed is 512.
NOTE:
If the number of currently online portal users is larger than the upper limit that you set, the command can
be executed successfully and does not impact the online portal users. However, the system does not allo
w
new portal users to log on until the number drops down below the limit.
Specifying the authentication domain for portal users
After you specify the authentication domain for portal users on an interface, the firewall will use the
authentication domain for authentication, authorization, and accounting (AAA) of all portal users on the
interface, ignoring the domain names carried in the usernames. This allows you to specify different
authentication domains for different interfaces as needed.
To specify the authentication domain for portal users on an interface:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type
interface-number
N/A
3. Specify the authentication
domain for portal users on the
interface.
portal domain domain-name
By default, no authentication
domain is specified for portal
users.
NOTE:
The firewall selects the authentication domain for a portal user on an interface in this order: the
authentication domain specified for the interface, the authentication domain carried in the username, and
the system default authentication domain. For information about the default authentication domain, see "
Configuring AAA."
Configuring RADIUS related attributes
Specifying NAS-Port-Type for an interface
NAS-Port-Type is a standard RADIUS attribute for indicating a user access port type. With this attribute
specified on an interface, when a portal user logs on from the interface, the firewall uses the specified
NAS-Port-Type value as that in the RADIUS request to be sent to the RADIUS server. If NAS-Port-Type is not
specified, the firewall uses the access port type obtained.
To specify the NAS-Port-Type value for an interface:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A