Configuring An Authentication Destination Subnet; Setting The Maximum Number Of Portal Users - HPE FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
Configuring an authentication destination subnet
By configuring authentication destination subnets, you specify that users trigger portal authentication
only when they accessing the specified subnets (excluding the destination IP addresses and subnets
specified in portal-free rules). Users can access other subnets without portal authentication.
If both authentication source subnets and destination subnets are configured on an interface, only
the authentication destination subnets take effect.
You can configure multiple authentication destination subnets. If the destination subnets overlap, the
subnet with the largest address scope (with the smallest mask or prefix) takes effect.
To configure an IPv4 portal authentication destination subnet:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure an IPv4
portal authentication
destination subnet.
To configure an IPv6 portal authentication destination subnet:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure an IPv6
portal authentication
destination subnet.
Setting the maximum number of portal users
Perform this task to control the total number of portal users in the system, and the maximum number
of IPv4 or IPv6 portal users on an interface.
If you set the maximum total number smaller than the number of current online portal users on the
device, this configuration still takes effect. The online users are not affected but the system forbids
new portal users to log in.
If you set the maximum number smaller than the current number of portal users on an interface, this
configuration still takes effect. The online users are not affected but the system forbids new portal
users to log in from the interface.
Make sure the maximum combined number of IPv4 and IPv6 portal users specified on all interfaces
does not exceed the system-allowed maximum number. Otherwise, the exceeding number of portal
users will not be able to log in to the device.
To set the maximum number of total portal users allowed in the system:
Command
system-view
interface interface-type
interface-number
portal free-all except destination
ipv4-network-address { mask-length |
mask }
Command
system-view
interface interface-type
interface-number
portal ipv6 free-all except destination
ipv6-network-address prefix-length
181
Remarks
N/A
N/A
By default, no IPv4 portal
authentication destination subnet is
configured, and users accessing
any subnets must pass portal
authentication.
Remarks
N/A
N/A
By default, no IPv6 portal
authentication destination subnet is
configured, and users accessing
any subnets must pass portal
authentication.
Advertisement
Table of Contents
Troubleshooting
