R2511-HP MSR Router Series Security Command Reference(V5)
370
vlan vlan-id: Specifies a source VLAN ID.
all: Specifies all portal-free rules.
Usage guidelines
If you specify both a source IP address and a source MAC address in a portal-free rule, the IP address
must be a host address with a 32-bit mask. Otherwise, the specified MAC address does not take effect.
If you specify both a VLAN and an interface in a portal-free rule, the interface must belong to the VLAN.
Otherwise, the rule does not take effect.
You cannot configure a portal-free rule to have the same filtering criteria as that of an existing one. When
attempted, the system prompts that the rule already exists.
No matter whether portal authentication is enabled on an interface, you can only add or remove a
portal-free rule, rather than modifying it.
A Layer 2 interface in an aggregation group cannot be specified as the source interface of a portal-free
rule, and the source interface of a portal-free rule cannot be added to an aggregation group.
For Layer 2 portal authentication, you can configure only portal-free rules that are from any source
address to any or a specific destination address. When such a portal-free rule is configured, users can
access the specified address without portal authentication.
Examples
# Configure a portal-free rule, allowing any packet whose source IP address is 10.10.10.1/24 and source
interface is Ethernet 1/1 to bypass portal authentication.
<Sysname> system-view
[Sysname] portal free-rule 15 source ip 10.10.10.1 mask 24 interface ethernet 1/1
destination ip any
Related commands
display portal free-rule
portal local-server
Use portal local-server to configure the protocol type to be supported by the local portal server and load
the default authentication page file.
Use undo portal local-server to cancel the configuration.
Syntax
portal local-server http
undo portal local-server http
Default
The local portal server does not support any protocol type.
Views
System view
Default command level
2: System level
Parameters
http: Specifies that the local portal server use HTTP to exchange authentication packets with clients.