Configuring a remote portal authentication server

With portal authentication enabled, the device searches for a portal authentication server for a received portal request packet according to the source IP address and VPN information of the packet.

• If a matching portal authentication server is found, the device regards the packet valid and sends an authentication response packet to the portal authentication server. After a user logs in to the device, the user interacts with the portal authentication server as needed.

• If no matching portal authentication server is found, the device drops the packet.

Do not delete a portal authentication server in use. Otherwise, users authenticated by that server cannot log out correctly.

1. Enter system view.

   system-view

2. Create a portal authentication server and enter its view.

   portal server server-name

   You can create multiple portal authentication servers.

3. Specify the IP address of the portal authentication server.

   IPv4:

   ip ipv4-address [ vpn-instance ipv4-vpn-instance-name ] [ key { cipher | simple } string ]

   IPv6:

   ipv6 ipv6-address [ vpn-instance ipv6-vpn-instance-name ] [ key { cipher | simple } string ]

4. (Optional.) Set the destination UDP port number used by the device to send unsolicited portal packets to the portal authentication server.

   port port-number

   By default, the UDP port number is 50100.

   This port number must be the same as the listening port number specified on the portal authentication server.

5. (Optional.) Specify the portal authentication server type.

   server-type { cmcc | imc }

   By default, the portal authentication server type is IMC.

   The specified server type must be the same as the type of the portal authentication server actually used.

6. (Optional.) Configure the device to periodically register with the portal authentication server.

   server-register [ interval interval-value ]

   By default, the device does not register with a portal authentication server.