HP VPN Firewall Appliances Access Control Configuration Guide
157
Configuring the protocol type and welcome banner for the
local portal server
To make the local portal server take effect, specify the protocol to be used for communication between
the portal client and local portal server.
Configuration prerequisites
To configure the local portal server to support HTTPS, complete the following configurations first:
• Configure PKI policies, obtain the CA certificate, and apply for a local certificate. For more
information, see VPN Configuration Guide.
• Configure the SSL server policy, and specify the PKI domain to be used, which is configured in the
above step. For more information, see Network Management Configuration Guide.
When you specify the protocol for the local portal server to support, the local portal server will load the
default authentication page file, which is supposed to be saved in the root directory of the device.
Therefore, to make sure the local portal server uses the user-defined default authentication pages, you
must edit and save them correctly or else the system default authentication pages are used.
Configuration procedure
To configure the local portal server:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Configure the protocol type for
the local portal server to support
and load the default
authentication page file.
portal local-server { http | https
server-policy policy-name }
By default, the local portal server
does not support any protocol.
3. Configure the welcome banner of
the default authentication pages
of the local portal server.
portal server banner
banner-string
Optional.
No welcome banner by default.
Enabling Layer 3 portal authentication
You must first enable layer 3 portal authentication on an access interface before it can perform portal
authentication for connected clients.
Configuration prerequisites
Before enabling Layer 3 portal authentication on an interface, make sure:
• An IP address is configured for the interface.
• The interface is not added to any port aggregation group.
• The portal server to be referenced on the interface exists.