125
To do… Use the command…
Remarks
Configure a
portal-free rule
portal free-rule rule-number { destination { any | ip
{ ip-address mask { mask-length | mask } | any } } |
source { any | [ ip { ip-address mask { mask-length |
mask } | any } | mac mac-address | vlan vlan-id ]
* } } *
Use one of the commands.
portal free-rule rule-number { destination { any | ipv6
{ ipv6-address prefix-length | any } } | source { any |
[ ipv6 { ipv6-address prefix-length | any } | mac
mac-address | vlan vlan-id ] * } } *
NOTE:
• If you specify both a source IPv4 address and a source MAC address in a portal-free rule, the IPv4
address must be a host address with a 32-bit mask. Otherwise, the specified MAC address does not take
effect.
• If you specify both a source IPv6 address and a source MAC address, make sure that the specified IPv6
address is a host address with a 128-bit prefix. Otherwise, the specified MAC address does not take
effect.
• You cannot configure two or more portal-free rules with the same filterin
criteria. Otherwise, the system
prompts that the rule already exists.
• Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
rule. You cannot modify it.
Configuring an authentication source subnet
NOTE:
Only Layer 3 portal authentication supports this feature.
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on any
authentication source subnet, the access device discards all the user's HTTP packets that do not match
any portal-free rule.
Follow these steps to configure an authentication source subnet:
To do… Use the command…
Remarks
Enter system view system-view —
Enter interface view interface interface-type interface-number —
Configure an
authentication source
subnet
portal auth-network { ipv4-network-address
{ mask-length | mask } | ipv6
ipv6-network-address prefix-length }
Optional
By default, the authentication
source IPv4 and IPv6 subnets are
0.0.0.0/0 and ::/0, respectively,
which mean that users from any
subnets must pass portal
authentication.
To Next Page
Loading...
