R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router

191

192

193

194

195

196

197

198

199

200

179

Parameters

type: Specifies the type of detection packets.

• arp—ARP packets.

• icmp—ICMP packets.

retry retries: Sets the maximum number of detection attempts, in the range of 1 to 10, and the default is

3. If the device receives no reply from a portal user when this threshold is reached, it logs out the portal

user.

interval interval: Sets a detection interval in the range of 1 to 1200 seconds. The default interval is 3

seconds.

idle time: Sets a user idle timeout in the range of 60 to 3600 seconds. The default is 180 seconds. When

the timeout expires, online detection of IPv4 portal users is restarted.

Usage guidelines

After online detection of IPv4 portal users is enabled on the interface, the device periodically sends the

specified type of detection packets to online portal users to verify if they are online. The detection process

is as follows:

When the device receives no packets from a portal user within the configured idle time, the device sends

detection packets to the user.

• If the device receives no reply from the user after sending detection packets to the user for the

maximum number of times, the device logs out the portal user.

• If the device receives a reply, it stops sending detection packets. Then the device restarts the idle

timer and waits for the packets from the user.

Direct authentication and re-DHCP authentication support both ARP detection and ICMP detection.

Cross-subnet authentication only supports ICMP detection.

If firewall policies on the access device filter out ICMP packets, ICMP detection might fail and result in the

logout of portal users. Make sure the access device does not block ICMP packets before you enable

ICMP detection on an interface.

Examples

# Enable online detection of IPv4 portal users on interface GigabitEthernet 2/1/1. Configure the

detection type as ICMP, the maximum number of detection attempts as 5, the detection interval as 10

seconds, and the user idle timeout as 300 seconds.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/1/1

[Sysname–GigabitEthernet2/1/1] portal user-detect type icmp retry 5 interval 10 idle 300

Related commands

display portal interface

portal web-server

Use portal web-server to create a portal Web server and enter its view.

Use undo portal web-server to delete the specified portal Web server.

Syntax

portal web-server server-name

undo portal web-server server-name