Hà Nội: NTT03, Line 1, Thống Nhất Complex, 82 Nguyễn Tuân, Thanh Xuân, Hà Nội. ● HCM: Số 31B, Đường 1, Phường An Phú, Quận 2 (Thủ Đức), TP HCM. ===> Đơn Vị Hàng Đầu Trong Lĩnh Vực Cung Cấp Thiết Bị Security - Network - Wifi - CCTV - Conference - Máy chủ Server - Lưu trữ Storge.
Danh mục sản phẩm

Configure the Portal Server and Attributes

Configuration Condition

None

Create a Portal Server

Create a Portal server and specify the related parameters of the Portal server, including the IP address of the server, shared encrypted key, server port number, and server URL (the authentication page address of the server).

Table 13–2 Create a Portal server

Step

Command

Description

Enter global configuration mode

configure terminal

-

Create a Portal server

portal server server-name ip ip-address key [ 0 | 7 ] key-string [ port udp-port-num | url url-string ]

Optional

By default, do not create a Portal server.

note


  • The Portal protocol only supports the IPv4 protocol.
  • Up to 5 Portal servers are created on the authentication device.
  • The configured Portal server parameters can be deleted or modified only when the Portal server is not referenced by the interface.
  • The configured share keys on the authentication device and Portal server should be consistent.

Configure the Portal Server Type

Configuring the Portal server type has two aspects of functions:

  • Different Portal servers do some expansions the standard Portal protocol specifications.
  • When the Portal server is not configured with the server URL, the Portal server uses the default server URL of the corresponding type to re-direct.

The following server types can be specified:

aas: The AAS server, default server URL: http://IP-ADDRESS/portal/Login.do

imc: The IMC server, default server URL: http://IP-ADDRES:8080/portal

user-defined: User-defined server. The default server URL format follows the protocol specification <PORTAL protocol specification for China Mobile WLAN service v2.0.2>.

Table 13–3 Configure the Portal server type

Step

Command

Description

Enter global configuration mode

configure terminal

-

Configure the Portal server type

portal server server-name type { aas | imc | user-defined }

Optional

By default, the server type is AAS.

Configure Portal Server Detection Function

In the process of the Portal authentication, if the communication between the authentication device and the Portal server is interrupted, the new users cannot be able to get online, and the existing online Portal users cannot be able to get offline normally. To solve these problems, it is necessary that the authentication device can detect the change of the reachable state of the Portal server in time, and trigger the corresponding operations to deal with the impact of the change. For example, when a specified Portal server is not reachable, all users who authenticate using the Portal server will be forced to pass the authentication, so as to access network resources, which is commonly referred to as the Portal escape function.

With the detection function, the authentication device can detect the reachable status of the Portal server. The specific configuration is as follows:

Table 13–4 Configure the Portal server detection function

Step

Command

Description

Enter global configuration mode

configure terminal

-

Configure the interval of detecting the Portal server

portal server server-name detect-interval detect-interval-value

Optional

By default, the interval of detecting the Portal server is 60s, and the value range is 20-600s or 0. When it is configured as 0, do not detect the Portal server.

Configure the action when the reachable status of the Portal server changes

portal server server-name failover { log | permit }

Optional

By default, record the log information when the reachable status of the Portal server changes.

Configure the Source Interface Used by Sending the Portal Packet

Specify the source interface used by sending the Portal packet. The configured master IP address in the source interface is the source address used by the authentication device to send the Portal packet to the Portal server. If there is no master IP address in the source interface, the communication will fail.

Table 13–5 Configure the source interface used by sending the Portal packet

Step

Command

Description

Enter global configuration mode

configure terminal

-

Configure the source interface used by sending the Portal packet

portal server server-name source-interface interface-name

Optional

By default, do not specify the source interface used by sending the Portal packet, that is, take the interface of connecting the user as the source interface of sending the Portal packet.

Configure the Destination UDP Port Number of User Forced Offline Packet

The port number of some server for receiving the user forced offline packet is the specified UDP port number, so it is necessary to configure the destination UDP port number of the user forced offline packet.

Table 13–6 Configure the destination UDP port number of the user forced offline packet

Step

Command

Description

Enter global configuration mode

configure terminal

-

Configure the destination UDP port number of the user forced offline packet

portal server server-name ntf-logout-port udp-port-num

Optional

By default, do not specify the destination UDP port number of the user forced offline packet, but adopt the server port number as the destination UDP port number of the user forced offline packet.

  1. The interval of detecting whether the server is reachable
  2. The action when the reachable status of the server changes
  3. Record the log: Record the log information when the reachable status of the Portal server changes
  4. Open user limitation: When the reachable status of the Portal server change, record the log information. When the specified Portal server is unreachable, all users who use the Portal server to authenticate are forced to pass the authentication. When the Portal server is reachable again, force the user who is forced to pass authentication using the Portal server to get offline.