Portal Free-Rule - HPE FlexNetwork HSR6800 Security Command Reference
Hide thumbs
Also See for FlexNetwork HSR6800:
- Configuration manual (503 pages) ,
- Command reference manual (153 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Related commands
display portal interface
portal free-rule
Use portal free-rule to configure a portal-free rule and specify the source filtering condition,
destination filtering condition, or both.
Use undo portal free-rule to remove a specific portal-free rule or all portal-free rules.
Syntax
portal free-rule rule-number { destination { any | ip { ip-address mask { mask-length | mask } | any }
[ tcp tcp-port-number [ to tcp-port-number ] | udp udp-port-number [ to udp-port-number ] ] } |
source { any | [ interface interface-type interface-number | ip { ip-address mask { mask-length |
mask } | any } [ tcp tcp-port-number [ to tcp-port-number ] | udp udp-port-number [ to
udp-port-number ] ] | mac mac-address | vlan vlan-id ] ] * } } *
undo portal free-rule { rule-number | all }
Views
System view
Default command level
2: System level
Parameters
rule-number: Number for the portal-free rule, in the range of 0 to 1023.
any: Imposes no limitation on the previous keyword.
ip ip-address: Specifies an IP address for the portal-free rule.
mask { mask-length | mask }: Specifies a mask or mask length for the IP address. The mask
argument is a subnet mask in dotted decimal notation. The mask-length argument is a subnet mask
length, an integer in the range of 0 to 32.
tcp tcp-port-number [ to tcp-port-number ]: Specifies a range of TCP port numbers. The value range
for the tcp-port-number argument is 0 to 65535.
udp udp-port-number [ to udp-port-number ]: Specifies a range of UDP port numbers. The value
range for the udp-port-number argument is 0 to 65535.
interface interface-type interface-number: Specifies a source interface.
mac mac-address: Specifies a source MAC address in the format H-H-H.
vlan vlan-id: Specifies a source VLAN ID. The vlan vlan-id option is supported by
HSR6802/HSR6804/HSR6808 configured with SAP modules that operate in bridge mode.
all: Specifies all portal-free rules.
Usage guidelines
If you specify both a source IP address and a source MAC address in a portal-free rule, the IP
address must be a host address with a 32-bit mask. Otherwise, the specified MAC address does not
take effect.
If you specify both a VLAN and an interface in a portal-free rule, the interface must belong to the
VLAN. Otherwise, the rule does not take effect.
If you specify both a source port number and a destination port number for a portal-free rule, the
source and destination port numbers must belong to the same transport layer protocol.
You cannot configure a portal-free rule to have the same filtering criteria as that of an existing one.
When attempted, the system prompts that the rule already exists.
159
Advertisement
Table of Contents
