Configuring An Authentication Source Subnet - HPE FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
Step
1.
Enter system view.
2.
Configure a
destination-based
portal-free rule.
Configuring an authentication source subnet
By configuring authentication source subnets, you specify that only HTTP packets from users on the
authentication source subnets can trigger portal authentication. If an unauthenticated user is not on
any authentication source subnet, the access device discards all the user's HTTP packets that do not
match any portal-free rule.
When you configure a portal authentication source subnet, follow these restrictions and guidelines:
•
Authentication source subnets apply only to cross-subnet portal authentication.
•
In direct or re-DHCP portal authentication mode, a portal user and its access interface
(portal-enabled) are on the same subnet. It is not necessary to specify the subnet as the
authentication source subnet. If the specified authentication source subnet is different from the
access subnet of the users, the users will fail the portal authentication.
In direct mode, the access device regards the authentication source subnet as any source
IP address.
In re-DHCP mode, the access device regards the authentication source subnet on an
interface as the subnet to which the private IP address of the interface belongs.
•
If both authentication source subnets and destination subnets are configured on an interface,
only the authentication destination subnets take effect.
•
You can configure multiple authentication source subnets. If the source subnets overlap, the
subnet with the largest address scope (with the smallest mask or prefix) takes effect.
To configure an IPv4 portal authentication source subnet:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure an IPv4 portal
authentication source
subnet.
To configure an IPv6 portal authentication source subnet:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure an IPv6 portal
authentication source
subnet.
Command
system-view
portal free-rule rule-number
destination host-name
Command
system-view
interface interface-type
interface-number
portal layer3 source
ipv4-network-address
{ mask-length | mask }
Command
system-view
interface interface-type
interface-number
portal ipv6 layer3 source
ipv6-network-address
prefix-length
180
Remarks
N/A
By default, no destination-based
portal-free rule exists.
Remarks
N/A
N/A
By default, no IPv4 portal
authentication source subnet is
configured, and users from any
subnets must pass portal
authentication.
Remarks
N/A
N/A
By default, no IPv6 portal
authentication source subnet is
configured, and IPv6 users from
any subnets must pass portal
authentication.
Advertisement
Table of Contents
Troubleshooting
