How to configure built-in Portal authentication

1

The built-in Portal server of the access device provides built-in Portal authentication. The configuration is as follows:
1. Create a loopback interface and assign an IP address to the loopback interface.
[Huawei] interface loopback 1
[Huawei-LoopBack1] ip address 192.168.1.30 32
[Huawei-LoopBack1] quit
2. Configure an IP address for the built-in Portal server.
[Huawei] portal local-server ip 192.168.1.30
3. Enable Portal authentication.
[Huawei] portal local-server https ssl-policy huawei //Ensure that the SSL policy named huawei has been configured.
[Huawei] portal local-server enable interface ethernet 2/0/0

You also need to perform the following configurations:
- Configure VLANs and interfaces.
- Configure a domain that users belong to and AAA schemes.
- If local authentication is used, add the user name and password on the access device.
- If remote authentication is used, configure the RADIUS server template, route to the RADIUS server, user name, password, and shared key.

Other related questions:
How to configure built-in Portal authentication
The built-in Portal server of the access device provides built-in Portal authentication. The configuration is as follows: 1. Create a loopback interface and assign an IP address to the loopback interface. [Huawei] interface loopback 1 [Huawei-LoopBack1] ip address 192.168.1.30 32 [Huawei-LoopBack1] quit 2. Configure an IP address for the built-in Portal server. [Huawei] portal local-server ip 192.168.1.30 3. Enable Portal authentication. [Huawei] portal local-server https ssl-policy huawei //Ensure that the SSL policy named huawei has been configured. [Huawei] portal local-server enable interface ethernet 2/0/0 You also need to perform the following configurations: - Configure VLANs and interfaces. - Configure a domain that users belong to and AAA schemes. - If local authentication is used, add the user name and password on the access device. - If remote authentication is used, configure the RADIUS server template, route to the RADIUS server, user name, password, and shared key.

S series switches' support for Portal authentication
Portal authentication is also called web authentication. For S series switches (except the S1700), Portal authentication can be classified into built-in Portal authentication and external Portal authentication. S series switches' support for external Portal authentication is as follows: - In V100R006: Switches except the S2700SI, S2710SI, S2700EI, S2752EI, S5700LI, and S5700S-LI support external Portal authentication. - In V200R001: Switches except the S5700LI and S5700S-LI support external Portal authentication. - In V200R002: Switches except the S5700LI and S5700S-LI support external Portal authentication. - In V200R003: Switches except the S2750EI, S5700LI, and S5700S-LI support external Portal authentication. - In V200R005 and later versions: All switch models support external Portal authentication. In versions earlier than V200R007C00, the S2720EI, S2750EI, S5700-10P-LI-AC, and S5700-10P-PWR-LI-AC support built-in Portal authentication only. In V200R007C00 and later versions, the S2720EI, S2750EI, S5700-10P-LI-AC, and S5700-10P-PWR-LI-AC that have Layer 3 hardware forwarding of IPv4 packets enabled support external Portal authentication. Only S series fixed switches support built-in Portal authentication.

Does an AC's built-in Portal server support blinding between STAs and accounts
The built-in Portal server of ACs and Fat APs does not support blinding between STAs and accounts.

How to configure external Portal authentication
The external Portal server with independent hardware provides external Portal authentication. The configuration is as follows: 1. Configure the Portal server template abc. [Huawei] web-auth-server abc [Huawei-web-auth-server-abc] server-ip 192.168.2.20 [Huawei-web-auth-server-abc] port 50200 //Ensure that the configured port number is the same as the port number of the Portal server. [Huawei-web-auth-server-abc] url http://192.168.2.20:8080/webagent [Huawei-web-auth-server-abc] quit 2. Enable Portal authentication. [Huawei] interface vlanif 10 [Huawei-Vlanif10] web-auth-server abc direct [Huawei-Vlanif10] quit 3. Set the shared key that the AR uses to exchange information with the Portal server to Huawei@123 in cipher text. [Huawei] web-auth-server abc [Huawei-web-auth-server-abc] shared-key cipher Huawei@123 [Huawei-web-auth-server-abc] quit You also need to perform the following configurations: - Configure VLANs and interfaces. - Configure a domain that users belong to and AAA schemes. - If local authentication is used, add the user name and password on the access device. - If remote authentication is used, configure the RADIUS server template, route to the RADIUS server, user name, password, and shared key.

Configure Portal authentication on S series switch
Portal authentication is also called web authentication. Generally, portal authentication websites are referred to as portal websites. In Portal authentication, users do not need a specific client and can access some free services and portal website without being authenticated. Among S series switches (except S1700), modular switches support only external Portal servers; fixed switches support both external Portal servers and built-in Portal servers (access devices provide the Portal server function).

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top