To do...
Configure a
portal-free rule
NOTE:
If you specify both a source IPv4 address and a source MAC address in a portal-free rule, the IPv4
•
address must be a host address with a 32-bit mask. Otherwise, the specified MAC address does not take
effect.
If you specify both a source IPv6 address and a source MAC address, make sure that the specified IPv6
•
address is a host address with a 128-bit prefix. Otherwise, the specified MAC address does not take
effect.
You cannot configure two or more portal-free rules with the same filtering criteria. Otherwise, the system
•
prompts that the rule already exists.
Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
•
rule. You cannot modify it.
Configuring an authentication source subnet
NOTE:
Only Layer 3 portal authentication supports this feature.
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on any
authentication source subnet, the access device discards all the user's HTTP packets that do not match
any portal-free rule.
Follow these steps to configure an authentication source subnet:
To do...
Enter system view
Enter interface view
Configure an
authentication source
subnet
Use the command...
portal free-rule rule-number { destination { any | ip
{ ip-address mask { mask-length | mask } | any } } |
source { any | [ ip { ip-address mask { mask-length |
mask } | any } | mac mac-address | vlan vlan-id ]
* } } *
portal free-rule rule-number { destination { any | ipv6
{ ipv6-address prefix-length | any } } | source { any |
[ ipv6 { ipv6-address prefix-length | any } | mac
mac-address | vlan vlan-id ] * } } *
Use the command...
system-view
interface interface-type interface-number
portal auth-network { ipv4-network-address
{ mask-length | mask } | ipv6
ipv6-network-address prefix-length }
125
Remarks
Use one of the commands.
Remarks
—
—
Optional
By default, the authentication
source IPv4 and IPv6 subnets are
0.0.0.0/0 and ::/0, respectively,
which mean that users from any
subnets must pass portal
authentication.