R0106-HP MSR Router Series Security Command Reference(V7)
174
authentication source subnet, the access device discards all the user's packets that do not match any
portal-free rule.
If you do not specify the ipv6-network-address argument in the undo portal ipv6 layer3 source command,
this command deletes all IPv6 portal authentication source subnets on the interface.
Only cross-subnet authentication supports authentication source subnets.
If you configure both an authentication source subnet and an authentication destination subnet on an
interface, only the authentication destination subnet takes effect.
Examples
# Configure an IPv6 portal authentication source subnet of 1::1/16 on interface GigabitEthernet 2/1/1.
Only portal users from subnet 1::1/16 trigger portal authentication.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/1
[Sysname–GigabitEthernet2/1/1] portal ipv6 layer3 source 1::1 16
Related commands
• display portal interface
• portal ipv6 free-all except destination
portal ipv6 user-detect
Use portal ipv6 user-detect to enable online detection of IPv6 portal users on an interface.
Use undo portal user-detect to restore the default.
Syntax
portal ipv6 user-detect type { nd | icmpv6 } [ retry retries] [ interval interval ] [ idle time ]
undo portal ipv6 user-detect
Default
Online detection of IPv6 portal users is disabled on the interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
type: Specifies the type of detection packets.
• nd—ND packets.
• icmpv6—ICMPv6 packets.
retry retries: Sets the maximum number of detection attempts, in the range of 1 to 10, and the default is
3. If the device receives no reply from a portal user when this threshold is reached, it logs out the portal
user.
interval interval: Sets a detection interval in the range of 1 to 1200 seconds. The default interval is 3
seconds.
idle time: Sets the user idle timeout in the range of 60 to 3600 seconds. The default is 180 seconds.
When the timeout expires, online detection of portal users is restarted.