F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

131

132

133

134

135

136

137

138

139

140

123

For Layer 2 portal authentication, you can configure only portal-free rules that are from any source

address to any or a specific destination address. When such a portal-free rule is configured, users can

access the specified address without portal authentication.

Examples

# Configure a portal-free rule, allowing any packet whose source IP address is 10.10.10.1/24 and source

interface is GigabitEthernet 0/1 to bypass portal authentication.

<Sysname> system-view

[Sysname] portal free-rule 15 source ip 10.10.10.1 mask 24 interface gigabitethernet 0/1

destination ip any

Related commands

display portal free-rule

portal local-server

Use portal local-server to configure the protocol type to be supported by the local portal server and load

the default authentication page file.

Use undo portal local-server to cancel the configuration.

Syntax

portal local-server { http | https server-policy policy-name }

undo portal local-server { http | https }

Default

The local portal server does not support any protocol type.

Views

System view

Default command level

2: System level

Parameters

http: Specifies that the local portal server use HTTP to exchange authentication packets with clients.

https: Specifies that the local portal server use HTTPS to exchange authentication packets with clients.

server-policy policy-name: Specifies the SSL server policy to be associated with the HTTPS service.

policy-name indicates an SSL server policy name, a case-insensitive string of 1 to 16 characters.

Usage guidelines

When executing this command, the local portal server loads the default authentication page file, which

is supposed to be saved in the root directory of the device. To make sure that the local portal server uses

the user-defined default authentication pages, edit and save them properly before executing this

command. Otherwise, the system default authentication pages are used.

If you specify HTTP in this command, the redirection URL for HTTP packets is in the format of http://IP

address of the device/portal/logon.htm, and clients and the portal server exchange authentication

information through HTTP.

If you specify HTTPS in this command, the redirection URL for HTTP packets is in the format of https://IP

address of the device/portal/logon.htm, and clients and the portal server exchange authentication

information through HTTPS.