R0106-HP MSR Router Series Security Configuration Guide(V7)
119
Controlling portal user access
Configuring a portal-free rule
A portal-free rule allows specified users to access specified external websites without portal
authentication.
The matching items for a portal-free rule include the source/destination IP address, TCP/UDP port
number, source MAC address, access interface, and VLAN. Packets matching a portal-free rule will not
trigger portal authentication, so users sending the packets can directly access the specified external
websites.
You cannot configure two or more portal-free rules with the same filtering criteria. Otherwise, the system
prompts that the rule already exists.
Regardless of whether portal authentication is enabled or not, you can only add or remove a portal-free
rule. You cannot modify it.
To configure an IP-based portal-free rule:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Configure an IPv4-based
portal-free rule.
portal free-rule rule-number
{ destination ip { ip-address
{ mask-length | mask } | any } [ tcp
tcp-port-number | udp
udp-port-number ] | source ip
{ ip-address { mask-length | mask } |
any } [ tcp tcp-port-number | udp
udp-port-number ] } *
By default, no IPv4-based portal-free
rule exists.
3. Configure an IPv6-based
portal-free rule.
portal free-rule rule-number
{ destination ipv6 { ipv6-address
prefix-length | any } [ tcp
tcp-port-number | udp
udp-port-number ] | source ipv6
{ ipv6-address prefix-length | any } [ tcp
tcp-port-number | udp
udp-port-number ] } *
By default, no IPv6-based portal-free
rule exists.
To configure a source-based portal-free rule:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A