< Home

Data Model

The configuration model file matching Portal access profile is huawei-nac-portal.yang.

Table 1 Data model

Object

Description

Value

Remarks

/huawei-nac-portal

Indicates that the request operation (creation, deletion, or modification) object is nac-portal. This object is the root object. It is only used to contain sub-objects, but does not have any data meaning.

N/A

N/A

/huawei-nac-portal/portal-access/configure-mode/unified-mode/portal-access-profile

Indicates that a Portal access profile is created.

The value is a string of 1 to 31 case-sensitive characters. It cannot be - or -- and cannot contain spaces or the following symbols: / \ : * ? " < > | @ ' %.

N/A

/huawei-nac-portal/portal-access/configure-mode/unified-mode/portal-access-profile/portal-server/portal-server

Indicates that a Portal server template is bound to the Portal access profile.

The value must be the name of an existing Portal server template.

N/A

/huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/portal-server/bak-portal-server

Indicates that a backup Portal server template is bound to the Portal access profile.

The value must be the name of an existing Portal server template.

N/A

/huawei-nac-portal/portal-access/configure-mode/unified-mode/portal-access-profile/portal-mode

Indicates that the Portal authentication mode for the Portal access profile is configured.

Enumerated type:

  • direct: Layer 2 Portal authentication
  • layer3: Layer 3 Portal authentication

N/A

/huawei-nac-portal/portal-access/configure-mode/unified-mode/portal-access-profile/portal-authentication-timer/offline-detect

Indicates that the offline detection interval for Portal authentication users is configured.

The value is 0 or an integer that ranges from 30 to 7200, in seconds. The default value is 300.

The value 0 indicates that user offline detection is not performed.

N/A

/huawei-nac-portal/portal-access/https-redirect-enable

Indicates whether HTTPS redirection of Portal authentication is enabled.

Boolean type:

  • true: enabled
  • false: disabled

N/A

huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/authorize-of-authentication-event/authorize-parameters/service-scheme

Indicates that network access rights are configured (using a service scheme) for users when the Portal server is Down.

N/A

N/A

/huawei-nac-portal/portal-access/configure-mode/unified-mode/portal-access-profile/authorize-of-authentication-event/authorize-parameters/ucl-group

Indicates that network access rights are configured (using a UCL group) for users when the Portal server is Down.

N/A

N/A

/huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/re-authen-trigger-event

Indicates that the switch is configured to re-authenticate users when the Portal server changes from Down to Up.

N/A

N/A

/huawei-nac-portal:portal-access/captive-option

Indicates that the CNA bypass function of iOS is enabled.

N/A

This object is only supported by the S5730-HI, S5731-H, S5731S-H, S6730-H, S6730S-H, S5732-H, S6720-HI, and S5720-HI.

/huawei-nac-portal:portal-access/redirect-http-port

Indicates the user-defined destination port number for HTTP packets that trigger Portal redirection.

The value is an integer in the range from 1024 to 65535.

N/A

/huawei-nac-portal:portal-access/url-encode-enable

Indicates whether to enable URL encoding and decoding.

The value is of the Boolean type:

  • true: enables the function.
  • false: disables the function.

N/A

/huawei-nac-portal:portal-access/user-roam-reply-enable

Indicates whether to enable the device to respond to the Portal server with the IP address of the new AP after a wireless user roams to the new AP.

The value is of the Boolean type:

  • true: enables the function.
  • false: disables the function.

N/A

/huawei-nac-portal:portal-access/web-authen-server-protocol

Configures the Portal interconnection function of the HTTP or HTTPS protocol.

  • ssl-policy: indicates the SSL policy.
  • port: indicates the port number.
  • ssl-policy: The value must be the name of an existing SSL policy.
  • port: The value can be any integer in the range from 1025 to 65535.

N/A

/huawei-nac-portal:portal-access/portal-max-user-num

Indicates the maximum number of concurrent Portal authentication users allowed to access the device.

The value is an integer that varies depending on the card type.

N/A

/huawei-nac-portal:portal-access/user-alarm

Indicates the alarm threshold for the Portal authentication user count percentage.

The value is an integer in the range from 1 to 100, but the upper alarm threshold must be greater than or equal to the lower alarm threshold.

N/A

/huawei-nac-portal:portal-access/quiet-function/quiet-enable

Indicates whether to enable the quiet function for Portal authentication.

The value is of the Boolean type:

  • true: enables the function.
  • false: disables the function.

N/A

/huawei-nac-portal:portal-access/quiet-function/quiet-period

Indicates the quiet period of Portal authentication users who fail to be authenticated.

The value is an integer in the range from 10 to 3600, in seconds.

N/A

/huawei-nac-portal:portal-access/quiet-function/quiet-times

Indicates the maximum number of authentication failures within 60 seconds before the device quiets a Portal authentication user.

The value is an integer in the range from 1 to 10.

N/A

/huawei-nac-portal:portal-access/local-portal-server/local-server-ip

Indicates the IP address for the built-in Portal server.

The value is in dotted decimal notation.

N/A

/huawei-nac-portal:portal-access/local-portal-server/local-server-url

Indicates the URL address for the built-in Portal server.

The value is a string of 1 to 64 case-sensitive characters without spaces.

N/A

/huawei-nac-portal:portal-access/local-portal-server/local-portal-server-protocol

Configures the built-in Portal server function.

  • ssl-policy: indicates the SSL policy.
  • port: indicates the port number.
  • ssl-policy: The value must be the name of an existing SSL policy.
  • port: The value can be 443 or any integer in the range from 1025 to 55535.

N/A

/huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/authentication-network

Indicates the source subnet for Portal authentication.

  • ip: indicates the IP address.
  • prefix-length: indicates the mask.
  • ip: The value is in dotted decimal notation.
  • prefix-length: The value is an integer in the range from 1 to 32.

N/A

/huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/local-portal-function/local-server-enable

Indicates whether to enable the built-in Portal server function in the Portal access profile.

The value is of the Boolean type:

  • true: enables the function.
  • false: disables the function.

N/A

/huawei-nac-portal:portal-access/configure-mode/unified-mode/portal-access-profile/local-portal-function/anonymous-function

Indicates whether to enable anonymous redirection for users authenticated through the built-in Portal server.

The value is of the Boolean type:

  • true: enables the function.
  • false: disables the function.

N/A
Parent Topic: Configuring a Portal Access Profile
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >