Portal system using the local portal Web server

The access device supports the local portal Web server feature. Using this feature, the access device also acts as the portal Web server and the portal authentication server to perform local portal authentication on portal users. In this case, the portal system consists of only three components: authentication client, access device, and authentication/accounting server, as shown in Figure 52.

The authentication client cannot be an HPE iNode client. Local portal authentication only supports authenticating Web clients.

No security policy server is needed because local portal authentication does not support extended portal functions.

The local portal Web server feature implements only some simple portal server functions. It only allows users to log in and log out through the Web interface. It cannot take the place of independent portal Web and authentication servers.

HTTP and HTTPS can be used for interaction between an authentication client and a local portal Web server. If HTTP is used, there are potential security problems because HTTP packets are transferred in plain text. If HTTPS is used, secure data transmission is ensured because HTTP packets are secured by SSL.

To perform local portal authentication, you must customize a set of authentication pages that the device will push to users. You can customize multiple sets of authentication pages, compress each set of the pages to a .zip file, and upload the compressed files to the storage medium of the device. On the device, you must specify one of the files as the default authentication page file by using the default-logon-page command.

For more information about authentication page customization, see "Customizing authentication pages." For more information about the default-logon-page command, see Security Command Reference.