R2511-HP MSR Router Series Security Command Reference(V5)
386
If you configure the user synchronization function for a portal server for multiple times, the last
configuration takes effect. If you do not specify an optional parameter, the default setting of the
parameter is used.
For redundant user information on the device—information of the users considered as nonexistent on the
portal server, the device deletes the information during the (N+1)th probe interval, where N equals to the
value of retries configured in the portal server user-sync command.
Examples
# Configure the device to synchronize portal user information with portal server pts:
• Setting the synchronization probe interval to 600 seconds
• Specifying the device to log off users if information of the users does not exist in the user
synchronization packets sent from the server in two consecutive probe intervals.
<Sysname> system-view
[Sysname] portal server pts user-sync interval 600 retry 2
portal web-proxy port
Use portal web-proxy port to add the port number of a Web proxy server, so that HTTP requests
forwarded by the Web proxy server trigger portal authentication.
Use undo portal web-proxy port to delete one or all Web proxy server port numbers.
Syntax
portal web-proxy port port-number
undo portal web-proxy port { port-number | all }
Default
No Web proxy server port number is configured on the device and proxied HTTP requests cannot trigger
portal authentication.
Views
System view
Default command level
2: System level
Parameters
port-number: Web proxy server port number in the range of 1 to 65535.
all: Specifies all Web proxy server port numbers.
Usage guidelines
Up to four Web proxy server port numbers can be added.
If a user's browser uses the Web Proxy Auto-Discovery (WPAD) protocol to discover Web proxy servers,
you must add the port numbers of the Web proxy servers on the device, and configure portal-free rules
to allow user packets destined for the IP address of the WPAD server to pass without authentication.
For Layer 2 portal authentication, you must add the port numbers of the Web proxy servers on the device,
and users must make sure that their browsers that use a Web proxy server do not use the proxy server for
the listening IP address of the local portal server. Thus, HTTP packets that the portal user sends to the local
portal server are not sent to the Web proxy server.
For Layer 3 portal authentication, note the following issues: