Re-dhcp authentication process – H3C Technologies H3C S7500E Series Switches User Manual

8-6

9) Based on the security checking result, the security policy server authorizes the user to

access certain resources, and sends the authorization information to the access device.

The access device then controls accesses of the user based on the authorization

information.

Re-DHCP authentication process

Figure 8-3 Re-DHCP authentication process

The re-DHCP authentication process is as follows:

Step 1 through step 6 are the same as those in the direct authentication/Layer 3 portal

authentication process.

7) After receiving an authentication acknowledgment message, the authentication client obtains

a new public IP address through DHCP and notifies the portal server that it has obtained a

public IP address.

8) The portal server notifies the access device that the authentication client has obtained a new

public IP address.

9) Detecting the change of the IP address by examining ARP packets received, the access

device notifies the portal server of the change.

10) The portal server notifies the authentication client of logon success.

11) The portal server sends a user IP address change acknowledgment message to the access

device.

With extended portal functions, the process includes two additional steps:

12) The security policy server exchanges security checking information with the client to check

whether the authentication client meets the security requirements.