Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
121122123124125126127128129130
123
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type
interface-number
N/A
3. Specify a source IP
address for outgoing
portal packets.
portal nas-ip ip-address
Optional.
By default, no source IP address is specified and the
IP address of the user logon interface is used as the
source IP address of the outgoing portal packets.
In NAT environments, HP recommends specifying
the interface's public IP address as the source IP
address of outgoing portal packets.
Specifying an auto redirection URL for
authenticated portal users
After a user passes portal authentication, if the access device is configured with an auto redirection URL,
it redirects the user to the URL.
To specify an auto redirection URL for authenticated portal users:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Specify an auto redirection
URL for authenticated portal
users.
portal redirect-url url-string
By default, an authenticated
user is redirected to the URL
the user typed in the address
bar before portal
authentication.
NOTE:
To use this feature for remote Layer 3 portal authentication, the portal server must be the IMC portal server
and the IMC portal server must support the page auto-redirection function.
Configuring portal detection functions
Configuring online Layer 3 portal user detection
This feature is available only for the direct and re-DHCP portal authentication configured on a Layer 3
interface.
With online portal user detection enabled on an interface, the firewall will periodically send probe
packets (ARP requests) to the portal users of the interface to check whether the portal users are still online,
to find out portal users who get offline without logging off.
If the firewall receives a reply from a portal user before sending probe packets to the portal user for
the maximum number of times, it considers that the portal user is online and will keep sending
probe packets to the portal user.