294
undo portal user-detect
Default
Online detection of IPv4 portal users is disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
type
: Specifies the detection type.
•
arp
—ARP detection.
•
icmp
—ICMP detection.
retry
retries
: Specifies the maximum number of detection attempts, in the range of 1 to 10. The
default value is 3.
interval
interval
: Specifies a detection interval in the range of 1 to 1200 seconds. The default interval
is 3 seconds.
idle time
: Specifies a user idle timeout in the range of 60 to 3600 seconds. The default idle timeout is
180 seconds. When the timeout expires, online detection of IPv4 portal users is started.
Usage guidelines
If the device receives no packets from a portal user within the configured idle time, the device detects
the user's online status as follows:
•
ICMP detection
—Sends ICMP requests to the user at configurable intervals to detect the user
status.
If the device receives a reply within the maximum number of detection attempts, it considers
that the user is online and stops sending detection packets. Then the device resets the idle
timer and repeats the detection process when the timer expires.
If the device receives no reply after the maximum number of detection attempts, the device
logs out the user.
•
ARP detection
—Sends ARP requests to the user and detects the ARP entry status of the user
at configurable intervals.
If the ARP entry of the user is refreshed within the maximum number of detection attempts,
the device considers that the user is online and stops detecting the user's ARP entry. Then
the device resets the idle timer and repeats the detection process when the timer expires.
If the ARP entry of the user is not refreshed after the maximum number of detection
attempts, the device logs out the user.
Direct authentication and re-DHCP authentication support both ARP detection and ICMP detection.
Cross-subnet authentication only supports ICMP detection.
If firewall policies on the access device filter out ICMP packets, ICMP detection might fail and result
in the logout of portal users. Make sure the access device does not block ICMP packets before you
enable ICMP detection on an interface.
Examples
# Enable online detection of IPv4 portal users on VLAN-interface 100. Configure the detection type
as
ARP
, the maximum number of detection attempts as
5
, the detection interval as
10
seconds, and
the user idle timeout as
300
seconds.
<Sysname> system-view
[Sysname] interface vlan-interface 100