Configuring An Authentication Source Subnet; Setting The Maximum Number Of Online Portal Users - HP 10500 Series Configuration Manual
Security configuration guide
Hide thumbs
Also See for 10500 Series:
- Security configuration manual (596 pages) ,
- Configuration manual (512 pages) ,
- Specifications (42 pages)
Table of Contents
Advertisement
Step
2.
Configure a
portal-free rule.
NOTE:
Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
rule. You cannot modify it.
Configuring an authentication source subnet
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on any
authentication source subnet, the access device discards all the user's HTTP packets that do not match
any portal-free rule.
To configure an authentication source subnet:
Step
1.
Enter system view.
2.
Enter interface
view.
3.
Configure an
authentication
source subnet.
Configuration of authentication source subnets applies to only cross-subnet authentication. In direct
authentication mode, the authentication source subnet is 0.0.0.0/0. In re-DHCP authentication mode,
the authentication source subnet of an interface is the subnet to which the private IP address of the
interface belongs.
Setting the maximum number of online portal users
Use this feature to control the total number of online portal users in the system:
Command
•
To configure an IPv4 portal-free rule:
portal free-rule rule-number { destination { any | ip
{ ip-address mask { mask-length | mask } | any } } |
source { any | [ interface interface-type
interface-number | ip { ip-address mask { mask-length
| mask } | any } | mac mac-address | vlan vlan-id ]
* } } *
•
To configure an IPv6 portal-free rule:
portal free-rule rule-number { destination { any | ipv6
{ ipv6-address prefix-length | any } } | source { any |
[ interface interface-type interface-number | ipv6
{ ipv6-address prefix-length | any } | mac
mac-address | vlan vlan-id ] * } } *
Command
system-view
interface interface-type interface-number
portal auth-network { ipv4-network-address
{ mask-length | mask } | ipv6
ipv6-network-address prefix-length }
135
Remarks
Configure at least one
command.
Remarks
N/A
N/A
Optional.
By default, the authentication
source IPv4 and IPv6 subnets are
0.0.0.0/0 and ::/0, respectively,
which mean that users from any
subnets must pass portal
authentication.
You can configure multiple
authentication source subnets.
Advertisement
Table of Contents
Troubleshooting
