Configuring An Authentication Destination Subnet; Setting The Maximum Number Of Online Portal Users; Specifying An Authentication Domain For Portal Users - HPE FlexNetwork MSR Series Comware 5 Security Configuration Manual
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
Configuring an authentication destination subnet
Only Layer 3 portal authentication supports this feature.
By configuring authentication destination subnets, you specify that only users accessing the
specified subnets (excluding the destination IP addresses and subnets specified in portal-free rules)
trigger portal authentication. Users can access other subnets without portal authentication.
If both authentication source subnets and destination subnets are configured on an interface, only
the authentication destination subnet takes effect.
To configure an authentication destination subnet:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure an authentication
destination subnet.
Setting the maximum number of online portal users
You can use this feature to control the total number of online portal users in the system.
If the maximum number of online portal you set is less than that of the current online portal users, the
limit can be set successfully and does not impact the online portal users, but the system does not
allow new portal users to log on until the number drops down below the limit.
To set the maximum number of online portal users allowed in the system:
Step
1.
Enter system view.
2.
Set the maximum number of
online portal users.
Specifying an authentication domain for portal users
After you specify an authentication domain for portal users on an interface, the device uses the
authentication domain for authentication, authorization, and accounting (AAA) of all portal users on
the interface, ignoring the domain names carried in the usernames. This allows you to specify
different authentication domains for different interfaces as needed.
To specify the authentication domain for portal users on an interface:
Command
system-view
interface interface-type
interface-number
portal auth-network destination
network-address { mask-length |
mask }
Command
system-view
portal max-user max-number
301
Remarks
N/A
N/A
Optional.
By default, the authentication
destination subnet is 0.0.0.0/0,
which means that users
accessing any subnets must pass
portal authentication.
You can configure up to 16
authentication destination
subnets.
Remarks
N/A
For the default setting, see HPE
FlexNetwork MSR Router Series
Comware 5 Security Command
Reference.
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?