HP 3600 v2 Series Configuration Manual page 155
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (441 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
The matching items for a portal-free rule include the source and destination IP address, TCP/UDP port
number, source MAC address, inbound interface, and VLAN. Packets matching a portal-free rule will not
trigger portal authentication, so that users sending the packets can directly access the specified external
websites.
For Layer 2 portal authentication, you can configure only a portal-free rule that is from any source
address to any or a specified destination address. If you configure a portal-free rule that is from any
source address to a specified destination address, users can access the specified address directly,
without being redirected to the portal authentication page for portal authentication. Usually, you can
configure the IP address of a server that provides certain services (such as software upgrading service)
as the destination IP address of a portal-free rule, so that Layer 2 portal authentication users can access
the services without portal authentication.
Follow these guidelines when you configure a portal-free rule:
•
If you specify both a VLAN and an interface in a portal-free rule, the interface must belong to the
VLAN. Otherwise, the rule does not take effect.
You cannot configure two or more portal-free rules with the same filtering criteria. Otherwise, the
•
system prompts that the rule already exists.
•
A Layer 2 interface in an aggregation group cannot be specified as the source interface of a
portal-free rule, and the source interface of a portal-free rule cannot be added to an aggregation
group.
To configure a portal-free rule:
Step
1.
Enter system view.
2.
Configure a portal-free rule.
NOTE:
Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
rule. You cannot modify it.
Command
system-view
•
To configure an IPv4 portal-free rule:
portal free-rule rule-number
{ destination { any | ip { ip-address
mask { mask-length | netmask } | any }
[ tcp tcp-port-number | udp
udp-port-number ] } | source { any |
[ interface interface-type
interface-number | ip { ip-address mask
{ mask-length | mask } | any } [ tcp
tcp-port-number | udp
udp-port-number ] | mac mac-address |
vlan vlan-id ] * } } *
•
To configure an IPv6 portal-free rule:
portal free-rule rule-number
{ destination { any | ipv6 { ipv6-address
prefix-length | any } } | source { any |
[ interface interface-type
interface-number | ipv6 { ipv6-address
prefix-length | any } | mac mac-address
| vlan vlan-id ] * } } *
142
Remarks
N/A
Configure at least one
command.
Advertisement
Table of Contents
Troubleshooting
