Table of Contents

Chapter 1 Portal Configuration Commands. 1-1

1.1 Portal Configuration Commands. 1-1

1.1.1 debugging portal 1-1

1.1.2 display portal acl 1-4

1.1.3 display portal connection statistics. 1-6

1.1.4 display portal free-rule. 1-9

1.1.5 display portal interface. 1-10

1.1.6 display portal server 1-12

1.1.7 display portal server statistics. 1-13

1.1.8 display portal tcp-cheat statistics. 1-15

1.1.9 display portal user 1-16

1.1.10 portal auth-network. 1-18

1.1.11 portal delete-user 1-18

1.1.12 portal free-rule. 1-19

1.1.13 portal server 1-20

1.1.14 portal server method. 1-21

1.1.15 reset portal connection statistics. 1-22

1.1.16 reset portal server statistics. 1-23

1.1.17 reset portal tcp-cheat statistics. 1-23

 

Chapter 1  Portal Configuration Commands

1.1  Portal Configuration Commands

1.1.1  debugging portal

Syntax

debugging portal { tcp | { acl | all | connection | server } interface interface-type interface-number }

undo debugging portal { tcp | { acl | all | connection | server } interface interface-type interface-number }

View

User view

Default Level

1: Monitor level

Parameters

tcp: Enables/disables debugging for portal TCP spoofing.

acl: Enables/disables debugging for portal ACLs.

all: Enables/disables debugging for portal connections, portal server, and portal ACLs.

connection: Enables/disables debugging for portal connections.

server: Enables/disables debugging for the portal server.

interface interface-type interface-number: Specifies the interface on which debugging is to be enabled. The S9500 series support only VLAN interfaces.

Description

Use the debugging portal command to enable specific portal debugging.  

Use the undo debugging portal command to disable specific portal debugging.

By default, portal debugging is disabled.

Table 1-1 Description on the fields of the debugging portal tcp command

Field	Description
Source	Source information tag
MAC	Source MAC address of the TCP connection
VLAN	VLAN of the source of the TCP connection
PortIndex	Port index of the source of the TCP connection
changed from STATUS_A to STATUS_B	Changed from STATUS_A to STATUS_B

 

Table 1-2 Description on the fields of the debugging portal acl command

Field	Description
Portal interface	Name of the interface with portal authentication enabled
Status	Portal operating state: l      running: Port is running normally. l      enable: Port is enabled. l      disable: Portal is disabled.
Action	Types of matched ACL rules: l      permit: Permits the packet is to pass. l      redirect: Redirects the packet. l      deny: Denies the packet. NULL: No match is found.
Match rule	Matched ACL rule
Inbound interface	Bound interface
Type	Static or dynamic ACL
Source	Source information of the matched ACL rule
IP	Source IP address of the matched ACL rule
Mask	Source mask of the matched ACL rule
Protocol	Protocol of the matched ACL rule
MAC	Source MAC address of the matched ACL rule
Interface	Source port of the matched ACL rule. If no Layer 2 interface is bound, the field is any for an interface with portal authentication enabled.
VLAN	Source VLAN ID of the matched ACL rule. This field is 0 for a routing interface with portal authentication enabled.
Destination	Destination information of the matched ACL rule
IP	Destination IP address of the matched ACL rule
Mask	Destination mask of the matched ACL rule
TCP Port	Destination port of the matched ACL rule
Context	Context sent by the driver module

 

Table 1-3 Description on the fields of the debugging portal connection command

Field	Description
Timer timer-name is started	The timer timer-name is started.
user index	User index
state	Current user state
IP	User IP address
Timer timer-name is stopped	The timer timer-name is stopped.
send message-name message to moduleA	The message message-name is sent to module A.
State stateA changing to stateB	User state changes from stateA to stateB
Recv portal message-name in state-name state	The message message-name is received in the state state-name.
[ACM]	Debugging information printed by the ACM module
Processing message-name	The message message-name is being processed.
recv 1 user index IP ip-address message-name from ACM	The message message-name is received from the ACM module, indicating the user with a user index of index and an IP address of ip-address is authenticated.
recv message-name from DRV	The message message-name is received from the driver.

 

Table 1-4 Description on the fields of the debugging portal server command

Field	Description
Portal socket receive packet length: packetlength	Length of the packet received through socket
Portal check packet OK	Checks whether the received packet is legal
Portal packet head	Portal packet header information
SN: serialNo	Packet serial number
Type: PacketType	Packet type
AttrNum: Number	Number of attributes of the packet
ErrCode: Number	Error code of the packet
UserIP: IP-Address	IP address of the access user
Portal packet attribute list	Attribute list of the packet
Portal raw packet	Packet format
Portal socket send packet length: packetlength	Length of the packet sent through socket

 

Examples

# Enable debugging for portal TCP spoofing on a device running portal.

<Sysname> debugging portal tcp

# Enable debugging for portal ACLs on a device running portal.

<Sysname> debugging portal acl interface Vlan-interface 100

# Enable debugging for portal connections, portal server, and portal ACLs on a device running portal.

<Sysname> debugging portal all interface Vlan-interface 100

# Enable debugging for portal connections on a device running portal.

<Sysname> debugging portal connection interface Vlan-interface 100

# Enable debugging for the portal server on a device running portal.

<Sysname> debugging portal server interface Vlan-interface 100

1.1.2  display portal acl

Syntax

display portal acl { all | dynamic | static } interface interface-type interface-number

View

Any view

Default Level

1: Monitor level

Parameters

all: Displays all access control lists (ACLs), including dynamic ACLs and static ACLs.

dynamic: Displays dynamic ACLs, namely, ACLs generated after a user passes portal authentication.

static: Displays static ACLs, namely, ACLs generated by related configurations.

interface interface-type interface-number: Displays the ACLs on the specified interface. Currently, only VLAN interfaces are supported.

Description

Use the display portal acl command to display the ACLs on the specified interface.

Examples

# Display all ACLs on VLAN-interface 100.

<Sysname> display portal acl all interface Vlan-interface 100

Vlan-interface100 portal ACL rule:

 Rule 0

 Inbound interface = Vlan-interface100

 Type              = static

 Action            = permit

 Source:

    IP        = 10.10.10.0

    Mask      = 255.255.255.0

    MAC       = 0000-0000-0000

    Interface = any

    VLAN      = 100

 Destination:

    IP        = 192.168.0.111

    Mask      = 255.255.255.255

 Rule 1

 Inbound interface = all

 Type              = static

 Action            = permit

 Source:

    IP        = 10.10.10.0

    Mask      = 255.255.255.0

    MAC       = 0000-0000-0000

    Interface = any

    VLAN      = 100

 Destination:

    IP        = 10.10.10.1

    Mask      = 255.255.255.255

Table 1-5 Description on the fields of the display portal acl command

Field	Description
Rule	Sequence number of the generated ACL, which is numbered from 0 in ascending order
Inbound interface	Interface to which a portal ACL is bound
Type	Type of a portal ACL
Action	Match action in a portal ACL
Source	Source information in a portal ACL
IP	Source IP address in a portal ACL
Mask	Subnet mask of the source IP address in a portal ACL
MAC	Source MAC address in a portal ACL
Interface	Source interface in a portal ACL
VLAN	Source VLAN in a portal ACL
Destination	Destination information in a portal ACL
IP	Destination IP address in a portal ACL
Mask	Subnet mask of the destination IP address in a portal ACL

 

1.1.3  display portal connection statistics

Syntax

display portal connection statistics {all | interface interface-type interface-number }

View

Any view

Default Level

1: Monitor level

Parameters

all: Displays portal connection statistics on all interfaces.

interface interface-type interface-number: Displays the portal connection statistics on the specified interface. Currently, only VLAN interfaces are supported.

Description

Use the display portal connection statistics command to display the portal connection statistics on the specified interface or all interfaces.

Examples

# Display the portal connection statistics on Vlan-interface100.

<Sysname> display portal connection statistics interface Vlan-interface 100

 ---------------Interface: Vlan-interface100-----------------------

 User state statistics:

 State-Name                User-Num

 VOID                       0

 DISCOVERED                0

 WAIT_AUTHEN_ACK          0

 WAIT_AUTHOR_ACK          0

 WAIT_LOGIN_ACK           0

 WAIT_ACL_ACK              0

 WAIT_NEW_IP               0

 WAIT_USERIPCHANGE_ACK   0

 ONLINE                     1

 WAIT_LOGOUT_ACK          0

 WAIT_LEAVING_ACK         0

 Message statistics:

 Msg-Name                  Total         Err           Discard

 MSG_AUTHEN_ACK           3              0             0

 MSG_AUTHOR_ACK           3              0             0

 MSG_LOGIN_ACK            3              0             0

 MSG_LOGOUT_ACK           2              0             0

 MSG_LEAVING_ACK          0              0             0

 MSG_CUT_REQ               0              0             0

 MSG_AUTH_REQ              3              0             0

 MSG_LOGIN_REQ             3              0             0

 MSG_LOGOUT_REQ            2              0             0

 MSG_LEAVING_REQ           0              0             0

 MSG_ARPPKT                 0              0             0

 MSG_TMR_REQAUTH           1              0             0

 MSG_TMR_AUTHEN            0              0             0

 MSG_TMR_AUTHOR            0              0             0

 MSG_TMR_LOGIN             0              0             0

 MSG_TMR_LOGOUT            0              0             0

 MSG_TMR_LEAVING           0              0             0

 MSG_TMR_NEWIP             0              0             0

 MSG_TMR_USERIPCHANGE     0              0             0

 MSG_PORT_REMOVE           0              0             0

 MSG_VLAN_REMOVE           0              0             0

 MSG_IF_REMOVE             6              0             0

 MSG_L3IF_SHUT             0              0             0

 MSG_IP_REMOVE             0              0             0

 MSG_ALL_REMOVE            1              0             0

 MSG_IFIPADDR_CHANGE      0              0             0

 MSG_SOCKET_CHANGE        8              0             0.

Table 1-6 Description on the fields of the display portal connection statistics command

Field	Description
User state statistics	Statistics of portal users
State-Name	Name of a user state
User-Num	Number of users
VOID	Number of users in void state
DISCOVERED	Number of users in discovered state
WAIT_AUTHEN_ACK	Number of users in wait_authen_ack state
WAIT_AUTHOR_ACK	Number of users in wait_author_ack state
WAIT_LOGIN_ACK	Number of users in wait_login_ack state
WAIT_ACL_ACK	Number of users in wait_acl_ack state
WAIT_NEW_IP	Number of users in wait_new_ip state
WAIT_USERIPCHANGE_ACK	Number of users wait_useripchange_ack state
ONLINE	Number of users in online state
WAIT_LOGOUT_ACK	Number of users in wait_logout_ack state
WAIT_LEAVING_ACK	Number of users in wait_leaving_ack state
Message statistics	Statistics of messages
Msg-Name	Name of a message
Total	Total number of messages
Err	Number of error messages
Discard	Number of discarded messages
MSG_AUTHEN_ACK	Authentication acknowledgment message
MSG_AUTHOR_ACK	Authorization acknowledgment message
MSG_LOGIN_ACK	Accounting acknowledgment message
MSG_LOGOUT_ACK	Accounting-stop acknowledgment message
MSG_LEAVING_ACK	Leaving acknowledgment message
MSG_CUT_REQ	Cut request message
MSG_AUTH_REQ	Authentication request message
MSG_LOGIN_REQ	Accounting request message
MSG_LOGOUT_REQ	Accounting-stop request message
MSG_LEAVING_REQ	Leaving request message
MSG_ARPPKT	ARP message
MSG_TMR_REQAUTH	Authentication request timeout message
MSG_TMR_AUTHEN	Authentication timeout message
MSG_TMR_AUTHOR	Authorization timeout message
MSG_TMR_LOGIN	Accounting-start timeout message
MSG_TMR_LOGOUT	Accounting-stop timeout message
MSG_TMR_LEAVING	Leaving timeout message
MSG_TMR_NEWIP	Public IP update timeout message
MSG_TMR_USERIPCHANGE	User IP change timeout message
MSG_PORT_REMOVE	Interface user removed message
MSG_VLAN_REMOVE	VLAN user removed message
MSG_IF_REMOVE	Interface remove message
MSG_L3IF_SHUT	Layer 3 interface shutdown message
MSG_IP_REMOVE	IP removed message
MSG_ALL_REMOVE	All users removed message
MSG_IFIPADDR_CHANGE	Interface IP address change message
MSG_SOCKET_CHANGE	Socket change message

 

1.1.4  display portal free-rule

Syntax

display portal free-rule [ rule-number ]

View

Any view

Default Level

1: Monitor level

Parameters

rule-number: Number of the authentication-free rule to be displayed.

Description

Use the display portal free-rule command to display the information of a specified portal-authentication-free rule or all authentication-free rules.

If the rule-number argument is not specified, the information of all authentication-free rules will be displayed.

Examples

# Display the information of authentication-free rule 1.

<Sysname> display portal free-rule 1

 Rule-Number  1:

 Source:

   IP        = 2.2.2.0

   Mask      = 255.255.255.0

   MAC       = 0000-0000-0000

   Interface = any

   Vlan      = 100

 Destination:

   IP        = 0.0.0.0

   Mask      = 0.0.0.0

Table 1-7 Description on the fields of the display portal free-rule command

Field	Description
Rule-Number	Number of an authentication-free rule
Source	Source information in an authentication-free rule
IP	Source IP address in an authentication-free rule
Mask	Subnet mask of the source IP address in an authentication-free rule
MAC	Source MAC address in an authentication-free rule
Interface	Source interface in an authentication-free rule
Vlan	Source VLAN in an authentication-free rule
Destination	Destination information in an authentication-free rule
IP	Destination IP address in an authentication-free rule
Mask	Subnet mask of the destination IP address in an authentication-free rule

 

1.1.5  display portal interface

Syntax

display portal interface interface-type interface-number

View

Any view

Default Level

1: Monitor level

Parameters

interface interface-type interface-number: Specifies an interface by interface type and interface number. Currently, only VLAN interfaces are supported.

Description

Use the display portal interface command to display the portal configuration on the specified VLAN interface, including the referenced portal server, configured authentication mode, and configured service types.

Examples

# Display the portal configuration on VLAN-interface 100.

<Sysname> display portal interface Vlan-interface 100

 Interface portal configuration:

 Vlan-interface100: Portal running

 Portal server: servername

 Authentication type: Layer3

 Service type: Normal

 Authentication network:

 address = 0.0.0.0  mask = 0.0.0.0

Table 1-8 Description on the fields of the display portal interface command

Field	Description
Interface portal configuration	Portal configuration on an interface
Vlan-interface100	Portal state on an interface
Portal server	Portal server applied to an interface
Authentication type	Authentication mode enabled on an interface
Service type	Type of service
Authentication network	Information of an portal authentication subnet
address	IP address of the portal authentication subnet
mask	Subnet mask of the IP address of the portal authentication subnet

 

1.1.6  display portal server

Syntax

display portal server [ server-name ]

View

Any view

Default Level

1: Monitor level

Parameters

server-name: Portal server name.

Description

Use the display portal server command to display information about the specified portal server or all portal servers.

Examples

# Display the information of the portal server named aaa.

<Sysname> display portal server aaa

 Portal server:

  1)aaa:

    IP   = 192.168.0.111

    Key  = portal

    Port = 50100

URL  = http://192.168.0.111/portal

Table 1-9 Description on the fields of the display portal server command

Field	Description
1)	Number of the portal server
aaa	Name of the portal server
IP	IP address of the portal server
Key	Key for portal authentication
Port	Listening port on the portal server
URL	Address the packets are to be redirected to

 

1.1.7  display portal server statistics

Syntax

display portal server statistics { all | interface interface-type interface-number }

View

Any view

Default Level

1: Monitor level

Parameters

all: Displays portal server statistics on all interfaces.

interface interface-type interface-number: Displays portal server statistics on the specified interface. Currently, only VLAN interfaces are supported.

Description

Use the display portal server statistics command to display portal server statistics on the specified interface or all interfaces, including the information of the packets from and to the portal server.

Note that when the all keyword is specified, the device will display the portal server statistics on each interface in turn, even if there is only one portal server.

Examples

# Display the portal server statistics on VLAN-interface 100.

<Sysname> display portal server statistics interface Vlan-interface 100

 ---------------Interface: Vlan-interface100----------------------

 Server name:  st

 Invalid packets: 0

 Pkt-Name                          Total   Discard  Checkerr

 REQ_CHALLENGE                       3        0        0

 ACK_CHALLENGE                       3        0        0

 REQ_AUTH                             3        0        0

 ACK_AUTH                             3        0        0

 REQ_LOGOUT                           1        0        0

 ACK_LOGOUT                           1        0        0

 AFF_ACK_AUTH                         3        0        0

 NTF_LOGOUT                           1        0        0

 REQ_INFO                              6        0        0

 ACK_INFO                              6        0        0

 NTF_USERDISCOVER                    0        0        0

 NTF_USERIPCHANGE                    0        0        0

 AFF_NTF_USERIPCHANGE               0         0        0

 ACK_NTF_LOGOUT                      1         0        0

Table 1-10 Description on the fields of the display portal server statistics command

Field	Description
Interface	Interface where the portal server resides on
Server name	Name of the portal server
Invalid packets	Number of invalid packets
Pkt-Name	Packet name
Total	Total number of packets
Discard	Number of discarded packets
Checkerr	Number of error packets
REQ_CHALLENGE	Challenge request message the portal server sends to the BAS
ACK_CHALLENGE	Challenge acknowledgment message the BAS sends to the portal server
REQ_AUTH	Authentication request message the portal server sends to the BAS
ACK_AUTH	Authentication acknowledgment message the BAS sends to the portal server
REQ_LOGOUT	Logout request message the portal server sends to the BAS
ACK_LOGOUT	Logout acknowledgment message the BAS sends to the portal server
AFF_ACK_AUTH	Affirmation message the portal server sends to the BAS after receiving an authentication success message
NTF_LOGOUT	Forced logout notification message the BAS sends to the portal server
REQ_INFO	Information request message
ACK_INFO	Information acknowledgment message
NTF_USERDISCOVER	User discovery notification message the portal server sends to the BAS
NTF_USERIPCHANGE	User IP change notification message the BAS sends to the portal server
AFF_NTF_USERIPCHANGE	User IP change success notification message the portal server sends to the BAS
ACK_NTF_LOGOUT	Forced logout acknowledgment message from the portal server

 

1.1.8  display portal tcp-cheat statistics

Syntax

display portal tcp-cheat statistics

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display portal tcp-cheat statistics command to display TCP spoofing statistics.

Examples

# Display all TCP spoofing statistics.

<Sysname> display portal tcp-cheat statistics

 TCP Cheat Statistic:

 Total Opens: 0

 Reset Connections: 0

 Current Opens: 0

 Packets Received: 0

 Packets Sent: 0

 Packets Retransmitted: 0

 Packets Dropped: 0

 HTTP Packets Sent: 0

 Connection State:

          SYN_RECVD: 0

          ESTABLISHED: 0

          CLOSE_WAIT: 0

          LAST_ACK: 0

          FIN_WAIT_1: 0

          FIN_WAIT_2: 0

          CLOSING: 0

Table 1-11 Description on fields of the display portal tcp-cheat statistics command

Field	Description
TCP Cheat Statistic	TCP spoofing statistics
Total Opens	Total number of opened connections
Resets Connections	Number of the connections reset through RST packets
Current Opens	Number of active connections
Packets Received	Number of received packets
Packets Sent	Number of sent packets
Packets Retransmitted	Number of retransmitted packets
Packets Dropped	Number of dropped packets
HTTP Packets Sent	Number of sent HTTP packets
Connection State	State of a connection
ESTABLISHED	Number of connections in ESTABLISHED state
CLOSE_WAIT	Number of connections in CLOSE_WAIT state
LAST_ACK	Number of connections in LAST-ACK state
FIN_WAIT_1	Number of connections in FIN_WAIT_1 state
FIN_WAIT_2	Number of connections in FIN_WAIT_2 state
CLOSING	Number of connections in CLOSING state

 

1.1.9  display portal user

Syntax

display portal user { all | interface interface-type interface-number }

View

Any view

Default Level

1: Monitor level

Parameters

all: Displays user information on all interfaces with portal authentication enabled.

interface interface-type interface-number: Displays user information on the specified interface with portal enabled. Currently, only VLAN interfaces are supported.

Description

Use the display portal user command to display the current user information on the specified interface or all interfaces with portal authentication enabled.

Examples

# Display user information on all interfaces with portal authentication enabled.

<Sysname> display portal user all

 Index:584

 State:ONLINE

 SubState:NONE

 MAC                IP                 Vlan   Interface

 ---------------------------------------------------------------------

 0000-0000-0000   192.168.0.2      17      Vlan-interface17

 Total 1 user(s) matched, 1 listed.

Table 1-12 Description on the fields of the display portal user command

Field	Description
Index	Index of a portal user
State	Current state of a portal user
SubState	Current sub-state of a portal user
MAC	MAC address of a portal user
IP	IP address of a portal user
Vlan	VLAN where a portal user is
Interface	Interface to which a portal user is attached
Total 1 user(s) matched, 1 listed	Total number of portal users

 

 

1.1.10  portal auth-network

Syntax

portal auth-network network-address { mask-length | mask }

undo portal auth-network { network-address | all }

View

VLAN interface view

Default Level

2: System level

Parameters

network-address: Authentication subnet address.

mask-length: Length of the subnet mask, in the range of 0 to 32.

mask: Subnet mask, in dotted decimal notation.

all: Specifies all authentication subnets.

Description

Use the portal auth-network command to configure a portal authentication subnet.

Use the undo portal auth-network command to remove the configuration.

By default, the users in all the subnets are to be authenticated; that is, the portal authentication subnet is 0.0.0.0/0.

Examples

# Set the portal authentication subnet to 10.10.10.0/24.

<Sysname> system-view

[Sysname] interface Vlan-interface 100

[Sysname-Vlan-interface100] portal auth-network 10.10.10.0 24

1.1.11  portal delete-user

Syntax

portal delete-user { ip-address | all | interface interface-type interface-number }

View

System view

Default Level

2: System level

Parameters

ip-address: IP address of a user.

all: Forces all users to log out.

interface interface-type interface-number: Specifies an interface by interface type and interface number. Currently, only VLAN interfaces are supported.

Description

Use the portal delete-user command to force the users attached to the access device to log out.

Related commands: display portal user.

Examples

# Force the user whose host IP address is 1.1.1.1 to log out.

<Sysname> system-view

[Sysname] portal delete-user 1.1.1.1

1.1.12  portal free-rule

Syntax

portal free-rule rule-number { destination { any | ip { ip-address mask { mask-length | netmask } | any } } | source { any | [ interface interface-type interface-number | ip { ip-address mask { mask-length | netmask } | any } | vlan vlan-id ] * } } *

undo portal free-rule { rule-number | all }

View

System view

Default Level

2: System level

Parameters

rule-number: Number of an authentication-free rule, in the range of 0 to 31.

any: Specifies no limitation on the keyword which comes before the any keyword.

ip ip-address: Specifies an IP address in an authentication-free rule.

mask { mask-length | netmask }: Specifies the subnet mask of the IP address. The value of the mask-length argument is in the range 0 to 32, and the netmask argument is in dotted decimal notation.

interface interface-type interface-number: Specifies a source interface in an authentication-free rule. Currently, the S9500 series do not support this argument.

vlan vlan-id: Specifies a source VLAN ID in an authentication-free rule.

all: Specifies all authentication-free rules.

Description

Use the portal free-rule command to configure a portal authentication-free rule, namely, to specify a source filtering condition or destination filtering condition.

Use the undo portal free-rule command to remove the authentication-free rule.

Note that there should be no repeated authentication-free rules. Otherwise, the device will prompt that the authentication-free rule already exists.

Related commands: display portal free-rule.

Examples

# Configure a portal authentication-free rule where the destination IP address is any address.

<Sysname> system-view

[Sysname] portal free-rule 15 source ip 10.10.10.0 mask 24 vlan 100 destination ip any

1.1.13  portal server

Syntax

portal server server-name ip ip-address [ key key-string | port port-id | url url-string ] *

undo portal server server-name [ key | port | url ]

View

System view

Default Level

2: System level

Parameters

server-name: Name of the portal server, a case-sensitive string of 1 to 32 characters.

ip-address: IP address of the portal server.

key-string: Shared key required for communication with the portal server, a case-sensitive string of 1 to 16 characters.

port-id: Destination port ID used when the device sends a message to the portal server on its own, in the range 1 to 65534. The default is 50100.

url-string: Uniform resource locator (URL) to which HTTP packets are to be redirected, in the http://ip-address format. The default of ip-address is the IP address of the portal server.

Description

Use the portal server command to configure a portal server.

Use the undo portal server command to delete the specified portal server or restore the default.

By default, no portal server is configured.

Note that if the specified portal server exists but there is no user on the interface, the specified portal server will be deleted if no parameter is specified when the undo portal server command is executed. Otherwise, the port and url parameters, if specified, will be restored to the default values.

Related commands: display portal server.

 

 

Examples

# Configure portal server pts, setting the IP address to 192.168.0.111, the key to portal, and the redirection URL to http://192.168.0.111/portal.

<Sysname> system-view

[Sysname] portal server servername ip 192.168.0.111 key portal url http://192.168.0.111/portal

1.1.14  portal server method

Syntax

portal server server-name method layer3 [ service-type normal ]

undo portal

View

VLAN interface view

Default Level

2: System level

Parameters

server-name: Portal server name.

method: Authentication method.

layer3: Layer 3 authentication.

service-type: Specifies the type of service. The default service type is normal.

normal: Specifies normal portal server.

Description

Use the portal server command to enable portal authentication on the interface, and specify the portal server to be referenced, authentication mode and service type.

Use the undo portal command to disable portal authentication on the interface.

By default, portal authentication is disabled.

Note that the specified portal server must exist.

Related commands: display portal server.

Examples

# Enable portal authentication on VLAN-interface 100, setting the portal server to servername, the authentication mode to layer3, and the service type to normal.

<Sysname> system-view

[Sysname] interface Vlan-interface 100

[Sysname-Vlan-interface100] portal server servername method layer3 service-type normal

1.1.15  reset portal connection statistics

Syntax

reset portal connection statistics { all | interface interface-type interface-number }

View

User view

Default Level

1: Monitor level

Parameters

all: Clears portal connection statistics on all interfaces.

interface interface-type interface-number: Clears the portal connection statistics on the specified interface. Currently, only VLAN interfaces are supported.

Description

Use the reset portal connection statistics command to clear the portal connection statistics on the specified interface or all interfaces.

Examples

# Clear the portal connection statistics on VLAN-interface 100.

<Sysname> reset portal connection statistics interface Vlan-interface 100

1.1.16  reset portal server statistics

Syntax

reset portal server statistics { all | interface interface-type interface-number }

View

User view

Default Level

1: Monitor level

Parameters

all: Clears the portal server statistics on all interfaces.

interface interface-type interface-number: Clears the portal server-related information on the specified interface. Currently, only VLAN interfaces are supported.

Description

Use the reset portal server statistics command to clear the portal server statistics on the specified interface or all interfaces.

Examples

# Clear the portal server statistics on VLAN-interface 100.

<Sysname> reset portal server statistics interface Vlan-interface 100

1.1.17  reset portal tcp-cheat statistics

Syntax

reset portal tcp-cheat statistics

View

User view

Default Level

1: Monitor level

Parameters

None

Description

Use the reset portal tcp-cheat statistics command to clear TCP spoofing statistics.

Examples

# Clear TCP spoofing statistics.

<Sysname> reset portal tcp-cheat statistics