4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

451

452

453

454

455

456

457

458

459

460

445

undo portal user-detect

Default

Online detection of IPv4 portal users is disabled on the interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

type: Specifies the type of detection packets.

• arp—ARP packets.

• icmp—ICMP packets.

retry retries: Sets the maximum number of detection attempts, in the range of 1 to 10, and the default is

3. If the device receives no reply from a portal user when this threshold is reached, it logs out the portal

user.

interval interval: Sets a detection interval in the range of 1 to 1200 seconds. The default interval is 3

seconds.

idle time: Sets a user idle timeout in the range of 60 to 3600 seconds. The default is 180 seconds. When

the timeout expires, online detection of IPv4 portal users is restarted.

Usage guidelines

After online detection of IPv4 portal users is enabled on the interface, the device periodically sends the

specified type of detection packets to online portal users to verify if they are online. The detection process

is as follows:

When the device receives no packets from a portal user within the configured idle time, the device sends

detection packets to the user.

• If the device receives no reply from the user after sending detection packets to the user for the

maximum number of times, the device logs out the portal user.

• If the device receives a reply, it stops sending detection packets and waits for the user idle timeout

to expire.

Direct authentication and re-DHCP authentication support both ARP detection and ICMP detection.

Cross-subnet authentication only supports ICMP detection.

If firewall policies on the access device filter out ICMP packets, ICMP detection might fail and result in the

logout of portal users. Make sure the access device does not block ICMP packets before you enable

ICMP detection on an interface.

Examples

# Enable online detection of IPv4 portal users on interface Ethernet 1/1. Configure the detection type as

ICMP, the maximum number of detection attempts as 5, the detection interval as 10 seconds, and the user

idle timeout as 300 seconds.

<Sysname> system-view

[Sysname] interface ethernet1/1

[Sysname–Ethernet1/1] portal user-detect type icmp retry 5 interval 10 idle 300

Related commands

display portal interface