Configuring a portal-free rule, Ribed in, Table 174 – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

533

Table 174 Advanced portal parameters

Item Description

Web Proxy Server
Ports

Add the Web proxy server ports to allow HTTP requests proxied by the specified proxy
servers to trigger portal authentication. By default, only HTTP requests that are not
proxied can trigger portal authentication.
Different clients may have different Web proxy configurations. To make sure that clients
using a Web proxy can trigger portal authentication, you must first complete some other

relevant configurations. When the IMC portal server is used, you must first complete the
following configurations:

•

If the client does not specify the portal server's IP address as a proxy exception, ensure

the IP connectivity between the portal server and the Web proxy server and perform
the following configurations on the IMC portal server:

Select NAT as the type of the IP group associated with the portal device.

Specify the proxy server's IP address as the IP address after NAT.

Configure the port group to support NAT.

•

If the client specifies the portal server's IP address as an exception of the Web proxy

server, configure the IP group and port group to not support NAT.

IMPORTANT:

•

If a user's browser uses the Web Proxy Auto-Discovery (WPAD) protocol to discover

Web proxy servers, add the port numbers of the Web proxy servers on the device, and

configure portal-free rules to allow user packets destined for the IP address of the
WPAD server to pass without authentication.

•

If the Web proxy server port 80 is added on the device, clients that do not use a proxy

server can trigger portal authentication only when they access a reachable host
enabled with the HTTP service.

•

Authorized ACLs to be assigned to users who have passed portal authentication must

contain a rule that permits the Web proxy server's IP address. Otherwise, the user
cannot receive heartbeat packets from the remote portal server.

Redirection URL

Specify the auto redirection URL to which users will be automatically redirected after they
pass portal authentication.
To access the network, an unauthenticated user either goes to or is automatically forced
to the portal authentication page for authentication. If the user passes portal

authentication and the access device is configured with an auto redirection URL, the
access device will redirect the user to the URL after a specified period of time.

Wait-Time

Period of time that the device must wait before redirecting an authenticated portal user to
the auto redirection URL.

Configuring a portal-free rule

1.

From the navigation tree, select Authentication > Portal.

2.

Click the Free Rule tab.