HP FlexNetwork 10500 Series Security Configuration Manual page 184

[Switch] domain default enable dm1
3. Configure ACL 3000 as the isolation ACL and ACL 3001 as the security ACL.
[Switch] acl number 3000
[Switch-acl-adv-3000] rule permit ip destination 192.168.0.0 0.0.0.255
[Switch-acl-adv-3000] rule deny ip
[Switch-acl-adv-3000] quit
[Switch] acl number 3001
[Switch-acl-adv-3001] rule permit ip
[Switch-acl-adv-3001] quit
NOTE:
Make sure you specify ACL 3000 as the isolation ACL and ACL 3001 as the security ACL on the
security policy server.
4. Configure portal authentication:
# Configure a portal authentication server.
[Switch] portal server newpt
[Switch-portal-server-newpt] ip 192.168.0.111 key simple portal
[Switch-portal-server-newpt] port 50100
[Switch-portal-server-newpt] quit
# Configure a portal Web server.
[Switch] portal web-server newpt
[Switch-portal-websvr-newpt] url http://192.168.0.111:8080/portal
[Switch-portal-websvr-newpt] quit
# Enable direct portal authentication on VLAN-interface 100.
[Switch] interface vlan-interface 100
[Switch–Vlan-interface100] portal enable method direct
# Specify the portal Web server newpt on VLAN-interface 100.
[Switch–Vlan-interface100] portal apply web-server newpt
# Configure the BAS-IP as 2.2.2.1 for portal packets sent from VLAN-interface 100 to the portal
authentication server.
[Switch–Vlan-interface100] portal bas-ip 2.2.2.1
[Switch–Vlan-interface100] quit
Verifying the configuration
# Verify that the portal configuration has taken effect.
[Switch] display portal interface vlan-interface 100
Portal information of Vlan-interface100
Nas id profile: Not configured
IPv4:
Portal status: Enabled
Authentication type: Direct
Portal Web server: newpt
Authentication domain: Not configured
BAS-IP: 2.2.2.1
User Detection:
Action for server detection:
Server type
--
Not configured
Server name
--
170
Action
--