R3303-HP 6600/HSR6600 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG TAA-compliant Router

151

152

153

154

155

156

157

158

159

160

141

Ste

Command

Remarks

2. Specify an autoredirection

URL for authenticated portal

users.

portal redirect-url url-string

By default, an authenticated user is

redirected to the URL the user typed

in the address bar before portal

authentication.

Configuring portal detection functions

Configuring online Layer 3 portal user detection

With online portal user detection enabled on an interface, the device periodically sends probe packets

to the portal users on the interface to check whether the portal users are still online, to find portal users

who get offline without logging off.

• If the device receives a reply from a portal user before sending probe packets to the portal user for

the maximum number of times, it considers that the portal user is online and keeps sending probe

packets to the portal user.

• If the device receives no reply from a portal user after sending probe packets to the portal user for

the maximum number of times, it considers that the portal user is offline and stops sending probe

packets to the portal user and deletes the user.

To configure online Layer 3 portal user detection:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter interface view.

interface interface-type

interface-number

N/A

3. Configure online Layer 3

portal user detection.

access-user detect type { arp |

icmp } retransmit number interval

interval [ idle-time idletime ]

Not configured by default.

NOTE:

djust the maximum number of transmission attempts and the interval of sending probe packets

according to the actual network conditions.

Configuring the portal server detection function

During portal authentication, if the communication between the access device and portal server is

broken, new portal users are not able to log on and the online portal users are not able to log off normally.

To address this problem, the access device needs to be able to detect the reachability changes of the

portal server quickly and take corresponding actions to deal with the changes. For example, once

detecting that the portal server is unreachable, the access device allows portal users to access network

resources without authentication. This function is referred to as portal authentication bypass. It allows for

flexible user access control.

With the portal server detection function, the device can detect the status of a specific portal server. The

specific configurations include: