No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R011C10 Configuration Guide - User Access and Authentication

This document describes the working mechanisms, configuration procedures, and configuration examples of User Access and Authentication features, such as AAA, DAA, NAC, PPPoE, Policy Association, and IP session.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Web Push Function

Configuring the Web Push Function

Context

After a user is successfully authenticated, the device forcibly redirect the user to a web page when receiving the HTTP or HTTPS packet from the user who accesses web pages for the first time. In addition to pushing advertisement pages, the device can obtain user terminal information through the HTTP or HTTPS packets sent by the users, and apply the information to other services. There are two ways to push web pages:
  1. URL: pushes the URL corresponding to the web page.
  2. URL template: pushes the URL template. A URL template must be created. The URL template contains the URL of the pushed web page and URL parameters.

For a user who goes online through the X series cards, the forcible push function takes effect only for the first HTTP or HTTPS packet received from the user. If an application program that actively sends HTTP or HTTPS packets is installed on the user terminal, the terminal has sent the HTTP or HTTPS packet before the user accesses a web page. Therefore, the user is unaware of the web page push process.

The forcible push function takes effect only when a redirection ACL is configured for users who go online from cards excluding the X series cards. If a redirection ACL exists in the user table, a web page is forcibly pushed when HTTP packets from users match the redirection ACL rule. Usually, you can configure the RADIUS server to authorize the Huawei extended RADIUS attribute HW-Redirect-ACL to users for redirection ACL implementation, or run the redirect-acl command to configure a redirection ACL.

For HTTPS packets, the forcible push function takes effect only when a redirection ACL is used. If the user table always contains redirection ACLs, a web page is forcibly pushed when HTTPS packets from users match redirection ACL rules.

NOTE:

If the switch functions as an AC and the direct forwarding mode is used in a wireless scenario, the forcible web page push function is not supported.

Procedure

  • URL mode

    1. Run system-view

      The system view is displayed.

    2. Run aaa

      The AAA view is displayed.

    3. Run domain domain-name

      An AAA domain is created and the AAA domain view is displayed.

      The device has two default domains: default and default_admin. Common access users use the default domain and the administrator uses the default_admin domain.

    4. Run force-push url url-address

      The URL push function is enabled.

      By default, the URL push function is disabled.

  • URL template mode

    1. Create and configure a URL template.
      1. Run system-view

        The system view is displayed.

      2. Run url-template name template-name

        A URL template is created and the URL template view is displayed.

        By default, no URL template is created on the device.

      3. Run url [ push-only ] url-string [ ssid ssid ]

        A pushed URL is configured.

        By default, no pushed URL is configured.

        The SSID that users associate with must be the same as that configured on the device; otherwise, the device cannot push URLs to users.

      4. Run url-parameter { ac-mac ac-mac-value | ac-ip ac-ip-value | ap-ip ap-ip-value | ap-mac ap-mac-value | ssid ssid-value | login-url url-key url | redirect-url redirect-url-value | sysname sysname-value | user-ipaddress user-ipaddress-value | user-mac user-mac-value } *

        Parameters carried in the URL are configured.

        By default, a URL does not carry parameters.

      5. Run url-parameter mac-address format delimiter delimiter { normal | compact }

        The MAC address format in the URL is configured.

        By default, the MAC address format in a URL is XXXXXXXXXXXX.

      6. Run parameter { start-mark parameter-value | assignment-mark parameter-value | isolate-mark parameter-value } *

        Characters in the URL are configured.

        By default, the start character in a URL is a question mark (?), the assignment character is an equal sign (=), and the delimiter between parameters is an ampersand (&).

      7. Run quit

        Return to the system view.

    2. Run aaa

      The AAA view is displayed.

    3. Run domain domain-name

      An AAA domain is created and the AAA domain view is displayed.

      The device has two default domains: default and default_admin. Common access users use the default domain and the administrator uses the default_admin domain.

    4. Run force-push url-template template-name

      The URL template push function is enabled.

      By default, the URL template push function is disabled.

Translation
Download
Updated: 2019-10-21

Document ID: EDOC1000178117

Views: 123589

Downloads: 59

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next