Configuring Layer 2 portal authentication to support Web proxy

By default, proxied HTTP requests cannot trigger Layer 2 portal authentication but are silently dropped. To allow such HTTP requests to trigger portal authentication, configure the port numbers of the Web proxy servers on the switch.

If a user's browser uses the Web Proxy Auto-Discovery (WPAD) protocol to discover Web proxy servers, add the port numbers of the Web proxy servers on the switch, and configure portal-free rules to allow user packets destined for the IP address of the WPAD server to pass without authentication.

You must add the port numbers of the Web proxy servers on the switch and users must make sure their browsers that use a Web proxy server do not use the proxy server for the listening IP address of the local portal server. Thus, HTTP packets that the portal user sends to the local portal server are not sent to the Web proxy server.

To configure Layer 2 portal authentication to support a Web proxy:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Add a Web proxy server port number.

portal web-proxy port port-number

By default, no Web proxy server port number is configured and proxied HTTP requests cannot trigger portal authentication.