EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #145 background imageLoading...
Page #145 background image
134
online user information of each other through the failover link. When one of them (Gateway A or
Gateway B) fails, the other can guarantee the normal data communication of the online portal users and
perform portal authentication for new portal users.
Basic concepts
1. Device states
• Independence: A stable running status of a device when it does not establish the failover link with
the other device.
• Synchronization: A stable running status of a device when it establishes the failover link with the
other device successfully and is ready for data backup.
2. User modes
• Stand-alone: Indicates that the user data is stored on the local device only. Currently, the local
device is in independence state or it is in synchronization state but has not synchronized the user
data to the peer device yet.
• Primary: Indicates that the user logs in from the local device, and the user data is generated on the
local device. The local device is in synchronization state and ready for receiving and processing
packets from the server.
• Secondary: Indicates that the user logs in from the peer device, and the user data is synchronized
from the peer device to the local device. The local device is in synchronization state. It only receives
and processes the synchronization messages and does not process packets from the server.
Portal authentication across VPNs
In a scenario where the branches belong to different VPNs that are isolated from each other and all
portal users in the branches need to be authenticated by the server at the headquarters, you can deploy
portal authentication across MPLS VPNs. As shown in Figure 60, the
P
E connecting the authentication
clients serves as the NAS. The NAS is configured with portal authentication and AAA authentication,
both of which support authentication across VPNs. The NAS can transmit a client’s portal authentication
packets in a VPN transparently through the MPLS backbone to the servers in another VPN. This feature
implements centralized client authentication across different VPNs while ensuring the separation of
packets of the different VPNs.
Figure 60 Network diagram for portal authentication across VPNs

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals