Configuring a portal-free rule

A portal-free rule allows specified users to access specified external websites without portal authentication.

The matching items for a portal-free rule include the source and destination IP address, source MAC address, inbound interface, and VLAN. Packets matching a portal-free rule will not trigger portal authentication, so users sending the packets can directly access the specified external websites.

For Layer 2 portal authentication, you can configure only a portal-free rule that is from any source address to any or a specific destination address. If you configure a portal-free rule that is from any source address to a specific destination address, users can access the specified address directly, without being redirected to the portal authentication page for portal authentication. Usually, you can configure the IP address of a server that provides certain services (such as software upgrading service) as the destination IP address of a portal-free rule, so that Layer 2 portal authentication users can access the services without portal authentication.

Configuration guidelines

Configuration procedure

To configure a portal-free rule:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure a portal-free rule.

  • To configure an IPv4 portal-free rule:portal free-rule rule-number { destination { any | ip { ip-address mask { mask-length | mask } | any } } | source { any | [ interface interface-type interface-number | ip { ip-address mask { mask-length | mask } | any } | mac mac-address | vlan vlan-id ] * } } *

  • To configure an IPv6 portal-free rule:portal free-rule rule-number { destination { any | ipv6 { ipv6-address prefix-length | any } } | source { any | [ interface interface-type interface-number | ipv6 { ipv6-address prefix-length | any } | mac mac-address | vlan vlan-id ] * } } *

Configure at least one command.