127
NOTE:
•
For installation and configuration about the security policy server, see
iMC EAD Security Policy Help.
•
The ACL for resources in the quarantined area and that for restricted resources correspond to
isolation ACL and security ACL on the security policy server, respectively.
•
Modify the authorized ACLs on the access device. However, your changes take effect only for portal
users who log on after the modification.
Specifying the portal server
Specifying a portal server for Layer 3 portal authentication
This task allows you to specify the portal server parameters for Layer 3 portal authentication, including
the portal server IP address, shared encryption key, server port, and the URL address for web
authentication. According to the networking environment, configure a remote portal server or a local
portal server as needed.
•
To configure a remote portal server, specify the IP address of the remote portal server.
•
To use the local portal server of the access device, specify the IP address of a Layer 3 interface on
the access device as the portal server's IP address. The specified interface must be reachable to the
client. Now, the router does not support local portal server.
To specify a portal server for Layer 3 authentication:
To do…
Command…
Remarks
1.
Enter system view.
system-view
—
2.
Specify a portal server and
configure related parameters.
portal server
server-name
ip
ip-
address
[
key
key-string
|
port
port-id
|
url
url-string
|
vpn-
instance
vpn-instance-name
] *
Required.
By default, no portal server is
specified.
NOTE:
•
The specified parameters of a portal server can be modified or deleted only if the portal server is not
referenced on any interface.
•
To ensure that the router can send packets to the portal server in an MPLS VPN, specify the portal
server's VPN instance when specifying the portal server on the router.
Enabling portal authentication
After you enable portal authentication on an access interface, the access interface can perform portal
authentication on connected clients.