10-10
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-12247-04
Chapter 10 Configuring Web-Based Authentication
Configuring Web-Based Authentication
• Hosts that are more than one hop away might experience traffic disruption if an STP topology
change results in the host traffic arriving on a different port. This occurs because the ARP and DHCP
updates might not be sent after a Layer 2 (STP) topology change.
• Web-based authentication does not support VLAN assignment as a downloadable-host policy.
• Web-based authentication is not supported for IPv6 traffic.
Web-Based Authentication Configuration Task List
• Configuring the Authentication Rule and Interfaces, page 10-10
• Configuring AAA Authentication, page 10-11
• Configuring Switch-to-RADIUS-Server Communication, page 10-11
• Configuring the HTTP Server, page 10-13
• Configuring an AAA Fail Policy, page 10-15
• Configuring the Web-Based Authentication Parameters, page 10-16
• Removing Web-Based Authentication Cache Entries, page 10-17
Configuring the Authentication Rule and Interfaces
This example shows how to enable web-based authentication on Fast Ethernet port 5/1:
Switch(config)# ip admission name webauth1 proxy http
Switch(config)# interface fastethernet 5/1
Switch(config-if)# ip admission webauth1
Switch(config-if)# exit
Switch(config)# ip device tracking
This example shows how to verify the configuration:
Switch# show ip admission configuration
Authentication Proxy Banner not configured
Authentication global cache time is 60 minutes
Command Purpose
Step 1
ip admission name name proxy http Configure an authentication rule for web-based authorization.
Step 2
interface type slot/port Enter interface configuration mode and specifies the ingress Layer 2 or
Layer 3 interface to be enabled for web-based authentication.
type can be fastethernet, gigabit ethernet, or tengigabitethernet.
Step 3
ip access-group name Apply the default ACL.
Step 4
ip admission name Configures web-based authentication on the specified interface.
Step 5
exit Return to configuration mode.
Step 6
ip device tracking Enables the IP device tracking table.
Step 7
end Return to privileged EXEC mode.
Step 8
show ip admission configuration Display the configuration.
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.
To Next Page