portal local-server
Function
The portal local-server command enables the built-in Portal server function.
The undo portal local-server command disables the built-in Portal server function.
By default, the built-in Portal server function is disabled.
Format
portal local-server { https ssl-policy policy-name | http } [ port port-num ]
undo portal local-server { https | http }
Parameters
Parameter |
Description |
Value |
---|---|---|
https |
Configures the built-in Portal server to exchange authentication messages with users using the Hypertext Transfer Protocol Secure (HTTPS) protocol. In the WeChat authentication scenario, this parameter cannot be configured. |
- |
ssl-policy policy-name |
Specifies the Secure Sockets Layer (SSL) policy used by the built-in Portal server. |
The value must be the name of an existing SSL policy. |
http |
Configures the built-in Portal server to exchange authentication messages with users using the Hypertext Transfer Protocol (HTTP) protocol. |
- |
port port-num |
Specifies the TCP port number used. If you do not specify a port number, the default port number is used. |
|
Usage Guidelines
Usage Scenario
Compared with an external Portal server, a built-in Portal server is easy to use, cost-effective, and easy to maintain. After a built-in Portal server is configured, Portal authentication can be implemented for users without an external Portal server. When using the portal local-server command to enable the built-in Portal server function, configure the built-in Portal server to exchange authentication messages with users using the HTTPS protocol. HTTPS is a secure extension of HTTP and uses the SSL protocol to guarantee secure communication. To enable the built-in Portal server to exchange authentication messages using HTTPS, you need to configure an SSL policy and load a digital certificate to the server.
Prerequisites
The IP address of the built-in Portal server has been configured using the portal local-server ip command.
An SSL policy has been configured using the ssl policy policy-name command in the system view
A server SSL policy has been configured.
You have obtained a digital certificate for the SSL policy from an authorized certificate authority.
Precautions
When there are Portal authentication users online, you cannot disable the built-in Portal server function or change the SSL policy for the built-in Portal server.
Example
# Enable the built-in Portal server function and configure the server to use the SSL policy s1.
<AC6605> system-view [AC6605] interface loopback 1 [AC6605-LoopBack1] ip address 10.1.1.1 24 [AC6605-LoopBack1] quit [AC6605] portal local-server ip 10.1.1.1 [AC6605] ssl policy s1 type server [AC6605-ssl-policy-s1] pki-realm default [AC6605-ssl-policy-s1] quit [AC6605] portal local-server https ssl-policy s1