diff --git a/teressa-copeland-homes/middleware.ts b/teressa-copeland-homes/middleware.ts
index c6c296b..9f12260 100644
--- a/teressa-copeland-homes/middleware.ts
+++ b/teressa-copeland-homes/middleware.ts
@@ -5,5 +5,5 @@ const { auth } = NextAuth(authConfig);
 export default auth;
 
 export const config = {
-  matcher: ["/agent/:path*"],
+  matcher: ["/agent/:path*", "/portal/:path*"],
 };
diff --git a/teressa-copeland-homes/src/app/agent/(protected)/dashboard/page.tsx b/teressa-copeland-homes/src/app/agent/(protected)/dashboard/page.tsx
index c07d97e..ac8c6a4 100644
--- a/teressa-copeland-homes/src/app/agent/(protected)/dashboard/page.tsx
+++ b/teressa-copeland-homes/src/app/agent/(protected)/dashboard/page.tsx
@@ -1,17 +1,5 @@
-import { auth } from "@/lib/auth";
 import { redirect } from "next/navigation";
 
-export default async function DashboardPage() {
-  // Defense-in-depth session check (layout also checks, this is belt-and-suspenders)
-  const session = await auth();
-  if (!session) redirect("/agent/login");
-
-  return (
-    <div>
-      <h1 className="text-2xl font-semibold text-gray-900">Dashboard</h1>
-      <p className="mt-2 text-gray-500">
-        Welcome back, {session.user?.email}. Portal content coming in Phase 3.
-      </p>
-    </div>
-  );
+export default function DashboardPage() {
+  redirect("/portal/dashboard");
 }
diff --git a/teressa-copeland-homes/src/lib/auth.config.ts b/teressa-copeland-homes/src/lib/auth.config.ts
index a57632e..24e2ea4 100644
--- a/teressa-copeland-homes/src/lib/auth.config.ts
+++ b/teressa-copeland-homes/src/lib/auth.config.ts
@@ -20,9 +20,10 @@ export const authConfig = {
       const isLoggedIn = !!auth?.user;
       const isLoginPage = nextUrl.pathname === "/agent/login";
       const isAgentRoute = nextUrl.pathname.startsWith("/agent");
+      const isPortalRoute = nextUrl.pathname.startsWith("/portal");
 
       if (isLoginPage) {
-        if (isLoggedIn) return Response.redirect(new URL("/agent/dashboard", nextUrl.origin));
+        if (isLoggedIn) return Response.redirect(new URL("/portal/dashboard", nextUrl.origin));
         return true; // Always allow unauthenticated access to login page
       }
 
@@ -30,6 +31,10 @@ export const authConfig = {
         return isLoggedIn; // Redirect unauthenticated users to login
       }
 
+      if (isPortalRoute) {
+        if (!isLoggedIn) return Response.redirect(new URL("/agent/login", nextUrl));
+      }
+
       return true;
     },
     jwt({ token, user }) {