Configuring a portal-free rule – H3C Technologies H3C S7500E Series Switches User Manual

8-9

z

The destination port number that the device uses for sending packets to the portal server

unsolicitedly must be the same as that the remote portal server actually uses.

z

The portal server and its parameters can be deleted or modified only when the portal server

is not referenced by any interface.

z

The portal server to be referenced must exist.

z

Only Layer 3 portal authentication mode (portal server server-name method layer3) can

be used in applications with Layer 3 forwarding devices present between the authentication

clients and the access device. However, Layer 3 authentication does not require any Layer

3 forwarding devices between the access device and the authentication clients.

z

In re-DHCP authentication mode, a user is allowed to send packets using a public IP

address before portal authentication, but the corresponding response packets are

restricted.

Configuring a Portal-Free Rule

A portal-free rule allows specified users to access specified external websites without portal

authentication.

The matching items in a portal free rule include the IP address, MAC address, source interface,

and VLAN. Packets matching a portal-free rule will not trigger portal authentication, so that

users sending the packets can directly access the specified external websites.

Follow these steps to configure a portal-free rule:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Configure a portal-free rule

portal free-rule rule-number { destination

{ any | ip { ip-address mask { mask-length |

netmask } | any } } | source { any | [ interface

interface-type interface-number | ip

{ ip-address mask { mask-length | mask } |

any } | mac mac-address | vlan vlan-id ] * } } *

Required