Enabling validity check on wireless clients
The following matrix shows the feature and hardware compatibility:
Hardware | Feature compatibility |
|---|---|
MSR954 (JH296A/JH297A/JH298A/JH299A/JH373A) | Yes |
MSR958 (JH300A/JH301A) | No |
MSR1002-4/1003-8S | Yes |
MSR2003 | Yes |
MSR2004-24/2004-48 | Yes |
MSR3012/3024/3044/3064 | Yes |
MSR4060/4080 | No |
Enable this feature when portal authentication is enabled on the service template. In wireless networks where the local forwarding mode is used, the AC does not have ARP entries for clients. Therefore, the AC cannot check the validity of portal clients by using ARP entries. To ensure that valid users can perform portal authentication, you must enable wireless client validity check on the AC.
This feature enables the AC to validate a client by looking up the client information in the WLAN snooping table, DHCP snooping table, and ARP table. If the client information exists, the AC determines the client to be valid for portal authentication.
To enable validity check on wireless clients:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable validity check on wireless portal clients. | portal host-check enable | By default, validity check on wireless portal clients is disabled. The device checks wireless portal client validity according to ARP entries only. |