beautypg.com

Verification – H3C Technologies H3C SecPath F1000-E User Manual

Page 39

background image

38

# Configure dm1 as the default ISP domain for all users. Then, if a user enters a username without any

ISP domain at logon, the authentication and accounting methods of the default domain will be used for

the user.

[Device] domain default enable dm1

Configure portal authentication

# Configure the portal server, with the name newpt, IP address 192.168.0.111, key portal, port number
50100, and URL http://192.168.0.111:8080/portal.

[Device] portal server newpt ip 192.168.0.111 key portal port 50100 url

http://192.168.0.111:8080/portal

# Enable portal authentication on the interface connecting the host.

[Device] interface gigabitethernet 0/2

[Device–GigabitEthernet0/2] portal server newpt method direct

[Device–GigabitEthernet0/2] quit

Configure the portal server detection function

# Configure the access device to use the portal heartbeat probe mechanism to detect portal server
newpt at an interval of 40 seconds, and send a server unreachable trap message and disable portal
authentication to permit unauthenticated portal users if two consecutive probes fail.

[Device] portal server newpt server-detect method portal-heartbeat action trap permit-all

interval 40 retry 2

NOTE:

The product of interval and retry must be greater than or equal to the portal server heartbeat interval, and
you are recommended to configure the interval to be greater than the portal server heartbeat interval

configured on the portal server.

Configure portal user information synchronization

# Configure the access device to synchronize portal user information with portal server newpt, setting

the synchronization probe interval to 600 seconds, and specifying the access device to log off users if the

users do not appear in the user synchronization packets sent from the server within two consecutive probe
intervals.

[Device] portal server newpt user-sync interval 600 retry 2

NOTE:

The product of interval and retry must be greater than or equal to the portal user heartbeat interval, and
you are recommended to configure the interval to be greater than the portal user heartbeat interval
configured on the portal server.

Verification

After the above configurations, you can perform the following command to view information about the

portal server.

display portal server newpt

Portal server:

1)newpt:

IP : 192.168.0.111

Key : portal

Port : 50100

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: