Processing Logic of Portal Authentication

Figure 1 shows the processing logic of the access device during Portal authentication. RADIUS authentication is used as an example.

1. When a user accesses a network, if pre-connection authorization is configured, the client obtains the corresponding permission. When the user accesses resources beyond the permissions, the user is redirected to the Portal authentication website. If pre-connection authorization is not configured, the user is redirected to the Portal authentication website.
2. If a user needs to access the Portal authentication website and the Portal server is working properly, the access device and RADIUS server perform Portal authentication. If the Portal server is Down, the access device checks network access permissions of the user. When the Portal server changes from Down to Up, the user is reauthenticated in accordance with the reauthentication triggering mechanism.
3. During Portal authentication, if the RADIUS server works properly, the user is authenticated successfully and granted complete permissions. If the user fails to be authenticated, the access device checks authentication failure and pre-connection authorization. The user obtains corresponding permissions. If the RADIUS server is Down, the access device checks network access permissions when the authentication server is Down, authentication fails, and the user is in the pre-connection phase.

Figure 1 Processing logic