SGS-6340 Series User Manual

Table Of Contents
Chapter 52 Web Portal Configuration
52.1 Introduction to Web Portal Authentication
802.1x authentication uses the special client to authenticate. The device uses the special layer
2 switch; the authentication server uses RADIUS server; and the format of authentication
message uses EAP protocol. Use EAPOL encapsulation technique (encapsulate EAP packets
within Ethernet frame) to process the communication between client and authentication proxy
switch, but authentication proxy switch and authentication server use EAPOR encapsulation
format (run EAP packets on Radius protocol) to process the communication. The device and
RADIUS server use RADIUS protocol to transmit PAP packets or CHAP packets when the
device processes to relay.
For implementing identity authentication and network accessing, user should install the special
authentication client software, and spring the authentication flow to communicate with Radius
server through logging in authentication client. After 802.1x authentication is added in
web-based authentication mode, the user can download a special Java Applet program by
browser or other plug-in to replace 802.1x client.
For the environment which uses 802.1x authentication, installing client or downloading the
special Java Applet program become a mortal problem. To satisfy user’s actual requirement,
the manual describes an application scene based on web portal authentication. Web portal
authentication not only implements the basic device authentication without the client but also
implement the security detection to the terminal.
52.2 Web Portal Authentication Configuration Task List
1. Enable/disable web portal authentication globally (required)
2. Enable/disable web portal authentication of the port (required)
3. Configure the max. web portal binding number allowed by the port (optional)
4. Configure HTTP redirection address of web portal authentication (required)
5. Configure IP source address for communicating between accessing device and portal
server (required)
6. Enable dhcp snooping binding web portal function (optional)
7. Delete the binding information of web portal authentication
52-138