Portal Certification Introduction
Portal authentication is also commonly referred to as Web authentication. Portal authentication websites usually called portals. When an unauthenticated users to access the Internet, the device requires the user to log on to a specific site, users can access the service for free. When the user needs to use other information on the Internet, it must be authenticated in the portal. Internet resources can be used only after authenticated.
Users can access the site known Portal authentication, enter a user name and password, Portal authentication start this way is called active authentication. Conversely, if the user attempts to access other external networks via HTTP, Web site Portal authentication will be forced to access the Portal authentication process. This method is called to force authentication.
Portal authentication implementation
Portal authentication support NAC local authentication (built-in support for up to 65,000 local accounts local server), and is also compatible with third-party authentication servers: RADIUS server, LDAP server, Windows Active Directory.
Layer 3 Portal authentication process is as follows:
1, Portal user initiates an authentication request through HTTP. HTTP packet arrives access devices to access the HTTP server Portal package or set the address can allow free access, access equipment; HTTP address to access other packages, access portal server device redirection for the Portal Server authenticates the user to enter a user name and password a web page.
2. The mutual authentication between the access device and the CHAP portal server (Authentication Protocol). If you are using PAP Authentication (Password Authentication Protocol), please go directly to the next step.
3. The portal server to satisfy the authentication request packet to the user name and password of the access device and starts a timer to wait for a response packet authentication.
4. In between the access device and the RADIUS server exchange RADIUS packets.
The response message to the access device transmits an authentication server Portal.
6. The portal server sends a packet authentication client notifies the client authentication (online) is correct.
7. verification response confirming portal server sends to the access device identity.
8. security information exchange between the client and the server security policy. Security security policy server detects an access terminal is qualified, including whether to install antivirus software, virus database update, install illegal software, update the operating system patches.
9. The server security policy allows users based on security and authorization information is stored in the access device and an access device to use that information to access the non-restricted resource control user access.
Note :( steps 8 and 9 are spread function authentication portal interaction)
Portal authentication page
At the same time, support for custom Newsletter wireless portal, which can be personalized and customized according to your needs, including, inter alia, the certification page title page, logo, background color, description text, image and advertising other information.
It supports portal page, WYSIWYG, easy to personalize Portal authentication page preview function.