Configuring the Web authentication server
Perform this task to configure the IP address listened by the Web authentication server, redirection URL, and parameters carried in redirection URL.
Specify the IP address of a Layer 3 interface on the device that is routable to the Web client as the listening IP address of the Web authentication server. As a best practice, use the IP address of a loopback interface rather than that of a Layer 3 interface. A loopback interface has the following advantages:
The status of a loopback interface is stable. There will be no authentication page access failures caused by interface failures.
A loopback interface does not forward received packets to any networks, avoiding impact on system performances when there are many network access requests.
The IP address and port number of the Web authentication server must be the same as those in the redirection URL. Additionally, the port number of the Web authentication server must be the same as the listening port of the local portal Web server.
To configure the Web authentication server:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Create a Web authentication server and enter its view. | web-auth server server-name | By default, no Web authentication servers exist. |
3. Specify the redirection URL for the Web authentication server. | url url-string | By default, no redirection URL is specified for a Web authentication server. |
4. Specify the IP address and port number for the Web authentication server. | ip ipv4-address port port-number | By default, no IP address or port number is specified for a Web authentication server. |
5. Configure the parameters to be carried in the redirection URL of the Web authentication server. | url-parameter parameter-name { original-url | source-address | source-mac | value expression } | By default, no parameters are configured to be carried in the redirection URL of a Web authentication server. |