R3303-HP HSR6800 Routers Security Command Reference
164
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] portal auth-network 10.10.10.0 24
portal auth-network destination
Use portal auth-network destination to configure an authentication destination subnet on an interface.
Then, only users accessing the specified subnet (excluding the destination IP addresses and subnets
specified in portal-free rules) trigger portal authentication on the interface. Users can access other
networks through the interface without portal authentication.
Use undo portal auth-network destination to cancel the specified or all authentication destination
subnets.
Syntax
portal auth-network destination network-address { mask-length | mask }
undo portal auth-network destination { network-address | all }
Default
The authentication destination subnet is 0.0.0.0/0, meaning that users accessing any subnets must pass
portal authentication.
Views
Interface view
Default command level
2: System level
Parameters
network-address: IP address of the authentication destination subnet.
mask-length: Length of the subnet mask, in the range of 0 to 32.
mask: Subnet mask, in dotted decimal notation.
all: Removes all authentication destination subnets.
Usage guidelines
Only the three Layer 3 portal authentication modes (direct, re-DHCP, and cross-subnet) support
configuring authentication destination subnets.
You can configure multiple authentication destination subnets by executing the portal auth-network
destination command. The system supports up to 16 authentication source subnets and destination
subnets.
If both an authentication source subnet and destination subnet are configured on an interface, only the
authentication destination subnet takes effect.
Examples
# Configure a portal authentication destination subnet of 2.2.2.0/24 on GigabitEthernet 3/0/1, so that
only users accessing subnet 2.2.2.0/24 trigger portal authentication on the interface. Users can access
other subnets through the interface without portal authentication.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] portal auth-network destination 2.2.2.0 24