Got it

Summary of Campus Network Portal Authentication

218 0 0 0


Portal authentication can be classified into the following types based on authentication points:


1. Gateway Layer 2 Portal authentication -vlanif interface authentication

2. Gateway Layer 2 Portal authentication-physical port authentication

3. Non-gateway Layer 2 Portal authentication-physical port authentication

4. Layer 3 Portal authentication-physical port /vlanif authentication


Application scenarios of each authentication mode

Authentication TypeApplication ScenarioMeritDisadvantages or Limitations
Gateway Layer 2 Portal Authentication -vlanif AuthenticationThe device is a gateway to many subnets. Some subnets need to be authenticated. Some subnets do not need to be authenticated. Therefore, portal authentication is performed on the gateway based on the subnet VLANIF interface.The configuration is flexible and can be configured as required.If there are too many subnets and the authentication parameters are the same, the configuration is complex.
Gateway Layer 2 Portal Authentication-Physical Port AuthenticationThe device is a gateway to many subnets. All the buttons on the port need to be authenticated.Based on physical port authentication, the networking planning of ports is irrelevant, and policy association is supported. Some authentication performance is delegated to access devices or APs.If some subnets need to be authenticated and some do not need to be authenticated, configure free-rule for the subnets that do not need to be authenticated.
Non-gateway Layer 2 Portal authentication-physical port authenticationThe device performs Layer 2 forwarding only. The gateway may be a third-party device or centralized VXLAN network. The gateway cannot perform Portal authentication.Third-party devices can be used as gateways, and Huawei devices can be used for access or aggregation.Too many authentication points and complex management
Layer 3 portal authentication-physical port /vlanif authenticationThe subnet gateway is on a third-party device. The third-party device accesses Huawei devices through Layer 3. Portal authentication is required for these users.Compatible with third-party devices as gateways and Huawei devices as egress devicesAuthentication packets are usually processed on a physical interface, and the authentication is weak.

  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits


Huawei Enterprise Support Community
Huawei Enterprise Support Community
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.