Portal configuration task list – H3C Technologies H3C SecPath F1000-E User Manual
Page 7

6
The re-DHCP authentication process is as follows:
Step 1 through step 6 are the same as those in the direct authentication/cross-subnet authentication
process.
Step7
After receiving the authentication success message, the authentication client obtains a new public IP
address through DHCP and notifies the portal server that it has obtained a public IP address.
Step8
8The portal server notifies the access device that the authentication client has obtained a new public IP
address.
Step9
Detecting the change of the IP address by examining ARP packets received, the access device notifies
the portal server of the change.
Step10
The portal server notifies the authentication client of logon success.
Step11
The portal server sends a user IP address change acknowledgment message to the access device.
With extended portal functions, the process includes two additional steps:
Step12
The security policy server exchanges security check information with the client to check whether the
authentication client meets the security requirements.
Step13
Based on the security check result, the security policy server authorizes the user to access certain
resources, and sends the authorization information to the access device. The access device then controls
accesses of the user based on the authorization information.
Portal Configuration Task List
Complete these tasks to configure Layer 3 portal authentication:
Task Remarks
Specifying a Portal Server for Layer 3 Portal Authentication
Required
Enabling Layer 3 Portal Authentication
Required
Configuring a Portal-Free Rule
Configuring an Authentication Subnet
Setting the Maximum Number of Online Portal
Users
Controlling Access of Portal
Users
Specifying the Authentication Domain for Portal
Users
Optional
Specifying a NAS ID for an Interface
Specifying NAS-Port-Type for an Interface
Configuring RADIUS Related
Attributes
Specifying a NAS ID Profile for an Interface
Optional
Specifying the Source IP Address for Outgoing Portal Packets
Optional
Configuring Detection of Online Portal Users
Configuring the Portal Server Detection Function
Configuring Portal User Information
Synchronization
Optional
Optional