R0106-HP MSR Router Series Security Configuration Guide(V7)
126
portal authentication server is not greater than the synchronization detection timeout configured on the
access device.
Deleting a portal authentication server on the access device also deletes the user synchronization
configuration for the portal authentication server.
To configure the portal user information synchronization function:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter portal
authentication server
view.
portal server server-name N/A
3. Configure the portal
user synchronization
function.
user-sync timeout timeout
By default, portal user
synchronization is disabled.
Configuring the portal fail-permit function
Perform this task to configure the portal fail-permit function on an interface. When the access device
detects that the portal authentication server or portal Web server is unreachable, it allows users on the
interface to have network access without portal authentication.
If you enable fail-permit for both a portal authentication server and a portal Web server on an interface,
the interface does the following:
• Disables portal authentication when either server is unreachable.
• Resumes portal authentication when both servers are reachable.
After portal authentication resumes, unauthenticated users must pass portal authentication to access the
network. Users who have passed portal authentication before the fail-permit event can continue
accessing the network.
To configure portal fail-permit:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type interface-number N/A
3. Enable portal fail-permit
for a portal
authentication server.
portal [ ipv6 ] fail-permit server
server-name
By default, portal fail-permit is
disabled for a portal
authentication server.
4. Enable portal fail-permit
for a portal Web server.
portal [ ipv6 ] apply web-server
server-name fail-permit
By default, portal fail-permit is
disabled for a portal Web server.