1. Manuals
  2. Brands
  3. HP Manuals
  4. Network Router
  5. 5120 SI Series
  6. Security configuration manual

Configuring An Authentication Source Subnet - HP 5120 SI Series Security Configuration Manual

Hide thumbs Also See for 5120 SI Series:
Table of Contents

Advertisement

To do...
Configure a
portal-free rule
NOTE:
If you specify both a source IPv4 address and a source MAC address in a portal-free rule, the IPv4
address must be a host address with a 32-bit mask. Otherwise, the specified MAC address does not take
effect.
If you specify both a source IPv6 address and a source MAC address, make sure that the specified IPv6
address is a host address with a 128-bit prefix. Otherwise, the specified MAC address does not take
effect.
You cannot configure two or more portal-free rules with the same filtering criteria. Otherwise, the system
prompts that the rule already exists.
Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
rule. You cannot modify it.

Configuring an authentication source subnet

NOTE:
Only Layer 3 portal authentication supports this feature.
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on any
authentication source subnet, the access device discards all the user's HTTP packets that do not match
any portal-free rule.
Follow these steps to configure an authentication source subnet:
To do...
Enter system view
Enter interface view
Configure an
authentication source
subnet
Use the command...
portal free-rule rule-number { destination { any | ip
{ ip-address mask { mask-length | mask } | any } } |
source { any | [ ip { ip-address mask { mask-length |
mask } | any } | mac mac-address | vlan vlan-id ]
* } } *
portal free-rule rule-number { destination { any | ipv6
{ ipv6-address prefix-length | any } } | source { any |
[ ipv6 { ipv6-address prefix-length | any } | mac
mac-address | vlan vlan-id ] * } } *
Use the command...
system-view
interface interface-type interface-number
portal auth-network { ipv4-network-address
{ mask-length | mask } | ipv6
ipv6-network-address prefix-length }
125
Remarks
Use one of the commands.
Remarks
Optional
By default, the authentication
source IPv4 and IPv6 subnets are
0.0.0.0/0 and ::/0, respectively,
which mean that users from any
subnets must pass portal
authentication.

Advertisement

Table of Contents
loading

Related Manuals for HP 5120 SI Series

Related Content for HP 5120 SI Series

Table of Contents