EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #146 background imageLoading...
Page #146 background image
133
Step
Command
Remarks
2.
Configure an
IPv4-based portal-free
rule.
portal free-rule
rule-number
{
destination
ip
{ ip-address
{ mask-length | mask } |
any
} [
tcp
tcp-port-number |
udp
udp-port-number ] |
source
ip
{ ip-address { mask-length | mask } |
any
} [
tcp
tcp-port-number |
udp
udp-port-number ] } *
By default, no IPv4-based
portal-free rule exists.
3.
Configure an
IPv6-based portal-free
rule.
portal free-rule
rule-number
{
destination
ipv6
{ ipv6-address
prefix-length |
any
} [
tcp
tcp-port-number |
udp
udp-port-number ] |
source
ipv6
{ ipv6-address prefix-length |
any
}
[
tcp
tcp-port-number |
udp
udp-port-number ] } *
By default, no IPv6-based
portal-free rule exists.
To configure a source-based portal-free rule:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2.
Configure a
source-based
portal-free rule.
portal free-rule
rule-number
source
{
interface
interface-type
interface-number |
mac
mac-address |
vlan
vlan-id } *
By default, no source-based
portal-free rule exists.
If you specify both a VLAN and an
interface, the interface must belong
to the VLAN. Otherwise, the
portal-free rule does not take effect.
Configuring an authentication source subnet
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on
any authentication source subnet, the access device discards all the user's HTTP packets that do not
match any portal-free rule.
When you configure a portal authentication source subnet, follow these restrictions and guidelines:
• Authentication source subnets apply only to cross-subnet portal authentication.
• In direct or re-DHCP portal authentication mode, a portal user and its access interface
(portal-enabled) are on the same subnet. It is not necessary to specify the subnet as the
authentication source subnet. If the specified authentication source subnet is different from the
access subnet of the users, the users will fail the portal authentication.
ï‚¡ In direct mode, the access device regards the authentication source subnet as any source
IP address.

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals