R2511-HP MSR Router Series Security Configuration Guide(V5)
299
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Specify the listening IP
address of the local portal
server for Layer 2 portal
authentication.
portal local-server ip ip-address
By default, no listening IP address
is specified.
The specified listening IP address can be changed or deleted only if Layer 2 portal authentication is not
enabled on any port.
Specifying a portal server for Layer 3 portal authentication
Perform this task to specify portal server parameters for Layer 3 portal authentication, including the portal
server IP address, shared encryption key, server port, and the URL address for Web authentication.
According to the networking environment, you can configure a remote portal server or, if supported, a
local portal server as needed.
• To configure a remote portal server, specify the IP address of the remote portal server.
• To use the local portal server of the access device, specify the IP address of a Layer 3 interface on
the device as the portal server's IP address. The specified interface must be reachable to the client.
Follow these guidelines when you specify a portal server for Layer 3 authentication:
• The specified parameters of a portal server can be modified or deleted only if the portal server is
not referenced on any interface.
• For local portal server configuration, the keywords key, port, and url are usually not required and,
if configured, do not take effect.
• When a local portal server is used, the re-DHCP portal authentication mode (redhcp) can be
configured but, if configured, does not take effect.
• To make sure the device can send packets to the portal server in an MPLS VPN, specify the VPN
instance to which the portal server belongs when specifying the portal server on the device.
To specify a portal server for Layer 3 authentication:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Specify a portal server and
configure related parameters.
portal server server-name ip
ip-address [ key [ cipher | simple ]
key-string | port port-id | url
url-string | vpn-instance
vpn-instance-name ] *
By default, no portal server is
specified.
You can specify up to four portal
servers on the access device.
Configuring the local portal server
The following matrix shows the feature and router compatibility: