beautypg.com

Configuring the portal fail-permit function, Configuring, The portal fail-permit function – H3C Technologies H3C S6300 Series Switches User Manual

Page 120

background image

105

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter portal
authentication server

view.

portal server server-name

N/A

3.

Configure the portal
user synchronization

function.

user-sync timeout timeout

By default, portal user
synchronization is disabled.

Configuring the portal fail-permit function

Perform this task to configure the portal fail-permit function on an interface. When the access device
detects that the portal authentication server or portal Web server is unreachable, it allows users on the

interface to have network access without portal authentication.
If you enable fail-permit for both a portal authentication server and a portal Web server on an interface,

the interface does the following:

Disables portal authentication when either server is unreachable.

Resumes portal authentication when both servers are reachable.

After portal authentication resumes, unauthenticated users must pass portal authentication to access the
network. Users who have passed portal authentication before the fail-permit event can continue

accessing the network.
To configure portal fail-permit:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view.

interface interface-type interface-number

N/A

3.

Enable portal
fail-permit for a portal

authentication server.

portal [ ipv6 ] fail-permit server
server-name

By default, portal fail-permit is
disabled for a portal

authentication server.

4.

Enable portal
fail-permit for a portal

Web server.

portal [ ipv6 ] apply web-server
server-name fail-permit

By default, portal fail-permit is
disabled for a portal Web server.

Configuring BAS-IP for unsolicited portal packets

sent to the portal authentication server

If the device runs Portal 2.0, the unsolicited packets sent to the portal authentication server must carry the

BAS-IP attribute. If the device runs Portal 3.0, the unsolicited packets sent to the portal authentication

server must carry the BAS-IP or BAS-IPv6 attribute.
If IPv4 portal authentication is enabled on an interface, you can configure the BAS-IP attribute on the

interface. If IPv6 portal authentication is enabled on an interface, you can configure the BAS-IPv6

attribute on the interface.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: