Home > HP > Switch > HP A 5120 Manual

HP A 5120 Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual HP A 5120 Manual. The HP manuals for Switch are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 121

    Page 121 111 Authentication page customization support The local portal server function allows you to customize authentication pages. You can customize authentication pages by editing the corresponding HTML files and then compress and save the files to the storage medium of the device. A set of customized authentication pages consists of six authentication pages—the logon page, the logon success page, the online page, the logoff success page, the logon failure... 
     
111 
Authentication page customization support 
The  local  portal  server  function  allows  you  to  customize  authentication  pages.  You  can  customize 
authentication pages by editing the corresponding HTML files and then compress and save the files to the 
storage  medium  of  the  device.  A  set  of  customized  authentication  pages  consists of  six  authentication 
pages—the  logon  page,  the  logon  success  page,  the  online  page,  the  logoff  success  page,  the  logon 
failure...

    Page 122

    Page 122 112 2. The access device and the RADIUS server exchange RADIUS packets to authenticate the user. 3. If the user passes RADIUS authentication, the local portal server pushes a logon success page to the authentication client. Authorized VLAN Layer 2 portal authentication supports VLAN assignment by the authentication server. After a user passes portal authentication, if the authentication server is configured with an authorized VLAN for the user, the authentication server assigns the... 
     
112 
2. The access device and the RADIUS server exchange RADIUS packets to authenticate the user. 
3. If the user passes RADIUS authentication, the local portal server pushes a logon success page to the 
authentication client. 
Authorized VLAN 
Layer 2 portal authentication supports VLAN assignment by the authentication server. After a user passes 
portal  authentication, if  the  authentication  server  is  configured  with an authorized  VLAN for  the  user,  the 
authentication  server  assigns the...

    Page 123

    Page 123 113 Task Remarks Specifying the local portal server for Layer 2 portal authentication Required Configuring the local portal server Customizing authentication pages Optional Configuring the local portal server Required Controlling access of portal users Configuring a portal-free rule Optional Setting the maximum number of online portal users Specifying an authentication domain for portal users Adding a web proxy server port number Enabling support for portal user moving Specifying the... 
     
113 
Task Remarks 
Specifying the local portal server for Layer 2 portal authentication Required 
Configuring the local portal server Customizing authentication pages Optional 
Configuring the local portal server Required 
Controlling access of portal 
users 
Configuring a portal-free rule 
Optional 
Setting the maximum number of online portal 
users 
Specifying an authentication domain for portal 
users 
Adding a web proxy server port number 
Enabling support for portal user moving 
Specifying the...

    Page 124

    Page 124 114 Specifying the local portal server for Layer 2 portal authentication Layer 2 portal authentication uses the local portal server. You need to specify the IP address of a Layer 3 interface on the device that is routable to the portal client as the listening IP address of the local portal server. HP strongly recommends that you use the IP address of a loopback interface rather than a physical Layer 3 interface, because:  The status of a loopback interface is stable.... 
     
114 
Specifying the local portal server for Layer 2 portal 
authentication 
Layer 2 portal authentication uses the local portal server. You need to specify the IP address of a Layer 3 
interface  on  the  device that is  routable  to  the  portal  client  as  the  listening  IP  address  of  the  local  portal 
server. HP strongly recommends that you use the IP address of a loopback interface rather than a physical 
Layer 3 interface, because: 
 The  status  of  a  loopback  interface  is  stable....

    Page 125

    Page 125 115 Table 9 Main authentication page file names Main authentication page File name Logon page logon.htm Logon success page logonSuccess.htm Logon failure page logonFail.htm Online page Pushed after the user gets online for online notification online.htm System busy page Pushed when the system is busy or the user is in the logon process busy.htm Logoff success page logoffSuccess.htm NOTE: You can define the names of the files other than the main authentication page files. The file names... 
     
115 
Table 9 Main authentication page file names 
Main authentication page File name 
Logon page logon.htm 
Logon success page logonSuccess.htm 
Logon failure page logonFail.htm 
Online page 
Pushed after the user gets online for online notification online.htm 
System busy page 
Pushed when the system is busy or the user is in the logon process busy.htm 
Logoff success page logoffSuccess.htm 
 
 NOTE: 
You can define the names of the files other than the main authentication page files. The file names...

    Page 126

    Page 126 116 The following example shows part of the script in page online.htm. Rules on page file compression and saving  A set of authentication page files must be compressed into a standard zip file. The name of a zip file can contain only letters, numerals, and underscores. The zip file of the default authentication pages must be saved with name defaultfile.zip.  The set of authentication pages must be located in the root directory of the zip file.  Zip files... 
     
116 
The following example shows part of the script in page online.htm. 
 
 
 
Rules on page file compression and saving 
 A  set  of  authentication  page  files  must be compressed into  a  standard  zip  file.  The  name  of  a  zip 
file  can  contain  only  letters,  numerals,  and  underscores.  The  zip  file  of  the  default  authentication 
pages must be saved with name defaultfile.zip. 
 The set of authentication pages must be located in the root directory of the zip file. 
 Zip  files...

    Page 127

    Page 127 117 ... ... ... ... Redirecting authenticated users to a specified web page To make the device automatically redirect users passing authentication to a specified web page, do the following in logon.htm and logonSuccess.htm: 1. In logon.htm, set the target attribute of Form to blank. See the contents in gray: 2. Add the function for page loading pt_init() to logonSucceess.htm. See the contents in gray: LogonSuccessed... 
     
117 
     
    ... ... 
 
    ... ... 
     
     
 
Redirecting authenticated users to a specified web page 
To  make  the  device automatically redirect  users  passing authentication to  a  specified  web  page,  do  the 
following in logon.htm and logonSuccess.htm: 
1. In logon.htm, set the target attribute of Form to blank. 
See the contents in gray: 
     
2. Add the function for page loading pt_init() to logonSucceess.htm. 
See the contents in gray: 
     
     
    LogonSuccessed...

    Page 128

    Page 128 118  Configure the SSL server policy, and specify the PKI domain to be used, which is configured in the above step. For more information, see the chapter ―SSL configuration.‖ When you specify the protocol for the local portal server to support, the local portal server will load the default authentication page file, which is supposed to be saved in the root directory of the device. To ensure that the local portal server uses the user-defined... 
     
118 
 Configure  the  SSL  server  policy,  and  specify  the  PKI  domain  to  be  used,  which  is  configured  in  the 
above step. For more information, see the chapter ―SSL configuration.‖ 
When  you specify the  protocol  for  the  local  portal  server  to  support,  the  local  portal  server  will  load  the 
default  authentication  page  file, which is supposed  to  be  saved  in  the  root  directory  of  the  device.  To 
ensure that  the  local  portal  server  uses  the  user-defined...

    Page 129

    Page 129 119 Controlling access of portal users Configuring a portal-free rule A portal-free rule allows specified users to access specified external websites without portal authentication. For Layer 2 portal authentication, you can configure only a portal-free rule that is from any source address to any or a specified destination address. If you configure a portal-free rule that is from any source address to a specified destination address, users can access the specified address... 
     
119 
Controlling access of portal users 
Configuring a portal-free rule 
A portal-free  rule  allows specified users to  access specified external  websites without  portal 
authentication.  
For Layer 2 portal authentication, you can configure only a portal-free rule that is from any source address 
to  any  or  a  specified  destination  address.  If  you  configure  a  portal-free  rule that  is  from  any  source 
address to a specified destination address, users can access the specified address...

    Page 130

    Page 130 120 Specifying an authentication domain for portal users After you specify an authentication domain for portal users on an interface, the device uses the authentication domain for authentication, authorization, and accounting (AAA) of all portal users on the interface, ignoring the domain names carried in the usernames. This allows you to specify different authentication domains for different interfaces as needed. Follow these steps to specify an authentication... 
     
120 
Specifying an authentication domain for portal users 
After  you  specify an authentication  domain  for  portal  users  on  an  interface, the  device  uses the 
authentication domain  for authentication,  authorization,  and  accounting  (AAA) of all portal  users  on  the 
interface,  ignoring  the  domain  names carried  in  the  usernames.  This  allows  you  to  specify  different 
authentication domains for different interfaces as needed. 
Follow these steps to specify an authentication...
    Start reading HP A 5120 Manual

    Related Manuals for HP A 5120 Manual

    All HP manuals