< Home

portal local-server enable

Function

The portal local-server enable command enables built-in Portal authentication on an interface.

The undo portal local-server enable command disables built-in Portal authentication on an interface.

By default, built-in Portal authentication is disabled on an interface.

Format

In the system view:

portal local-server enable interface { interface-type interface-number1 [ to interface-number2 ] } &<1-10>

undo portal local-server enable interface { interface-type interface-number1 [ to interface-number2 ] } &<1-10>

In the interface view:

portal local-server enable

undo portal local-server enable

Parameters

Parameter

Description

Value

interface { interface-type interface-number1 [ to interface-number2 ] }

Specifies the interface type and number.

  • interface-type specifies the interface type.
  • interface-number specifies the interface number.

-

Views

System view, VLANIF interface view, Ethernet interface view, GE interface view, MultiGE interface view, XGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, Port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Compared with the external Portal server, the built-in Portal server is easy to use, cost-effective, and easy to maintain. After built-in Portal authentication is enabled, the external Portal server is not required. After the built-in Portal server function is enabled using the portal local-server command, built-in Portal authentication must be enabled on the interface using the portal local-server enable command to authenticate users on the interface.

Prerequisites

Portal authentication has been enabled globally using the portal local-server command.

Precautions

It is recommended that you enable built-in Portal authentication on a VLANIF interface. The VLANIF interface of a super-VLAN does not support built-in Portal authentication.

Built-in Portal authentication of Layer 3 interfaces cannot be configured using this command in the system view.

If 802.1X authentication, MAC address authentication, MAC address bypass authentication or built-in Portal authentication is enabled on a Layer 2 interface, this command cannot be executed on the VLANIF interface of a VLAN to which the Layer 2 interface is added.

The portal local-server enable command cannot be used together with the following commands on the same interface.

Command

Function

mac-vlan enable

Enables MAC address-based VLAN assignment on an interface.

ip-subnet-vlan enable

Enables IP subnet-based VLAN assignment on an interface.

Example

# Enable built-in Portal authentication on VLANIF 10.

<HUAWEI> system-view
[HUAWEI] interface loopback 1
[HUAWEI-LoopBack1] ip address 10.1.1.1 24
[HUAWEI-LoopBack1] quit
[HUAWEI] portal local-server ip 10.1.1.1
[HUAWEI] ssl policy s1
[HUAWEI-ssl-policy-s1] pki-realm default
[HUAWEI-ssl-policy-s1] quit
[HUAWEI] http secure-server ssl-policy s1
[HUAWEI] portal local-server https ssl-policy s1 port 1025
[HUAWEI] vlan batch 10
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] portal local-server enable
Parent Topic: NAC Configuration Commands (Common Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >