web-server user-first-url-key
Function
The web-server user-first-url-key command configures the keyword of a user IP address.
The undo web-server command restores the mandatory web server in a domain to the default setting.
By default, the mandatory web server is not configured.
This command is supported only on the NetEngine 8000 F1A.
Parameters
| Parameter | Description | Value |
|---|---|---|
| key-name |
Specifies the keyword used when a homepage to be displayed after a user is authenticated by a web server. The AC device sends keyword=URL of the homepage to the web server. The web server identifies whether a URL is the URL of the homepage based on the keyword, and processes it. |
The value is a string of 1 to 31 characters. |
| default-name |
The default keyword used when a homepage to be displayed after a user is authenticated by a web server is wlanuserfirsturl. |
- |
| user-first-url-key |
Specifies a homepage to be displayed after a user is authenticated by a web server. By default, a homepage will not be displayed after a user is authenticated by a web server. |
- |
Usage Guidelines
Usage Scenario
Mandatory web authentication is a function that enables the to redirect the access request of a user to the web server when a user accesses an unauthorized address before being authenticated, facilitating user authentication.
If a customized Portal attribute is configured, after the receives a user packet that needs to be redirected, the adds the keyword and corresponding attribute to the string of the redirection URL in the redirection packet and sends the packet to the user. After receiving this redirection packet, the user accesses the web server. The access packet carries the device IP address, user IP address, user's physical location information, and corresponding keyword. The forwards the packet to the web server. The web server parses the packet based on the keyword and pops up the request homepage to the user based on the user information in the packet.Precautions
This command is supported only on the admin VS.
- When you run the web-server command in the AAA domain view, check whether the web authentication server to which the active/standby server in IP mode is the same as that in URL mode. If they are different, you cannot run the web-server command.
- The active web server must be different from the standby Web server.
- To delete the web authentication server, you must remove the binding of the web authentication server.
- You must bind the web authentication server in the system view; otherwise, the binding fails.
- If the web-auth-server source interface command is not run in the system view, run the web-server redirect-key mscg-ip command and the web-server command in the AAA domain view. In this way, a source interface's route can be used as a customized parameter of this source interface when an IPv6 user switches between the authentication domain and pre-authentication domain. When users are forcibly redirected to the web server, if you do not want the actual user MAC address or AP MAC address to be displayed, run the web-server redirect-key command with cipher aes128 configured. Then the user MAC address or AP MAC address is displayed in ciphertext. shared-key or shared-key-cipher in the web-server url-parameter { shared-key | shared-key-cipher } command is used to generate the ciphertext user MAC address or AP MAC address to be displayed. In IPv6 forcible redirection scenarios, you must run the web-server identical-url command. This configuration allows IPv4 and IPv6 users to use identical URL and the IPv6 redirection web page to be pushed to users.