i

Table of Contents

Portal Configuration····················································································································································· 1

Portal Overview·································································································································································1

Introduction to Portal ················································································································································1

Introduction to Extended Portal Functions ··············································································································1

Portal System Components ······································································································································2

Portal Authentication Modes ···································································································································3

Layer 3 Portal Authentication Process ····················································································································4

Portal Configuration Task List···········································································································································6

Configuration Prerequisites ··············································································································································7

Specifying a Portal Server for Layer 3 Portal Authentication ·······················································································7

Enabling Layer 3 Portal Authentication···························································································································8

Controlling Access of Portal Users ··································································································································9

Configuring a Portal-Free Rule ································································································································9

Configuring an Authentication Subnet···················································································································9

Setting the Maximum Number of Online Portal Users ······················································································ 10

Specifying the Authentication Domain for Portal Users····················································································· 10

Configuring RADIUS Related Attributes ······················································································································· 11

Specifying a NAS ID for an Interface ················································································································· 11

Specifying NAS-Port-Type for an Interface ········································································································· 11

Specifying a NAS ID Profile for an Interface ····································································································· 12

Specifying the Source IP Address for Outgoing Portal Packets················································································· 12

Configuring Portal Detection Functions························································································································ 13

Configuring Detection of Online Portal Users ···································································································· 13

Configuring the Portal Server Detection Function ······························································································ 13

Configuring Portal User Information Synchronization······················································································· 15

Logging Off Portal Users ··············································································································································· 16

Displaying and Maintaining Portal ······························································································································ 16

Portal Configuration Examples ····································································································································· 17

Configuring Direct Portal Authentication ············································································································ 17

Configuring Re-DHCP Portal Authentication······································································································· 22

Configuring Layer 3 Portal Authentication·········································································································· 24

Configuring Direct Portal Authentication with Extended Functions ·································································· 26

Configuring Re-DHCP Portal Authentication with Extended Functions····························································· 28

Configuring Layer 3 Portal Authentication with Extended Functions ······························································· 31

Configuring Portal Server Detection and Portal User Information Synchronization ······································· 33

Layer 3 Portal Authentication Across VPNs········································································································ 39

Troubleshooting Portal ··················································································································································· 41

Inconsistent Keys on the Access Device and the Portal Server········································································· 41

Incorrect Server Port Number on the Access Device ························································································· 41