(Optional) Setting the Offline Detection Interval for Portal Authentication Users

If a Portal authentication user goes offline due to power failure or network interruption, the device and Portal server may still store user information, which leads to incorrect accounting. In addition, a limit number of users can access the device. If a user goes offline improperly but the device still stores user information, other users cannot access the network.

After the offline detection interval is set for Portal authentication users, if a user does not respond within the interval, the device considers the user offline. The device and Portal server then delete the user information and release the occupied resources to ensure efficient resource use.

This function applies only to Layer 2 Portal authentication, and takes effect on external Portal servers.

The heartbeat detection function of the authentication server can be used to ensure the normal online status of PC users for whom Layer 3 Portal authentication is used. If the authentication server detects that a user goes offline, it instructs the device to disconnect the user.

If the number of offline detection packets (ARP packets) exceeds the default CAR value, the detection fails and the users are logged out. (The display cpu-defend statistics command can be run to check whether ARP request and response packets are lost.) To resolve the problem, the following methods are recommended:

• Increase the detection interval based on the number of users. The default detection interval is recommended when there are less than 8000 users; the detection interval should be no less than 600 seconds when there are more than 8000 users.
• Deploy the port attack defense function on the access device and limit the rate of packets sent to the CPU.