EasyManuals Logo

Cisco Catalyst 2960-X User Manual

Cisco Catalyst 2960-X
498 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #384 background imageLoading...
Page #384 background image
If authentication succeeds, web-based authentication sends a Login-Successful HTML page to the host and
applies the access policies returned by the AAA server.
If authentication fails, web-based authentication forwards a Login-Fail HTML page to the user, prompting
the user to retry the login. If the user exceeds the maximum number of attempts, web-based authentication
forwards a Login-Expired HTML page to the host, and the user is placed on a watch list for a waiting period.
HTTPS traffic interception for central web authentication redirect is not supported.Note
You should use global parameter-map (for method-type, custom, and redirect) only for using the same
web authentication methods like consent, web consent, and webauth, for all the clients and SSIDs. This
ensures that all the clients have the same web-authentication method.
If the requirement is to use Consent for one SSID and Web-authentication for another SSID, then you
should use two named parameter-maps. You should configure Consent in first parameter-map and configure
webauth in second parameter-map.
Note
The traceback that you receive when webauth client tries to do authentication does not have any performance
or behavioral impact. It happens rarely when the context for which FFM replied back to EPM for ACL
application is already dequeued (possibly due to timer expiry) and the session becomes unauthorized.
Note
Device Roles
With web-based authentication, the devices in the network have these specific roles:
ClientThe device (workstation) that requests access to the LAN and the services and responds to
requests from the switch. The workstation must be running an HTML browser with Java Script enabled.
Authentication serverAuthenticates the client. The authentication server validates the identity of the
client and notifies the switch that the client is authorized to access the LAN and the switch services or
that the client is denied.
SwitchControls the physical access to the network based on the authentication status of the client. The
switch acts as an intermediary (proxy) between the client and the authentication server, requesting
identity information from the client, verifying that information with the authentication server, and relaying
a response to the client.
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
360 OL-29048-01
Configuring Web-Based Authentication
Device Roles

Table of Contents

Other manuals for Cisco Catalyst 2960-X

Preview: Command Reference
Command Reference134 pages
Preview: Hardware Installation Guide
Hardware Installation Guide102 pages
Preview: Configuration Guide
Configuration Guide118 pages
Preview: Getting Started Guide
Getting Started Guide26 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 2960-X and is the answer not in the manual?

Cisco Catalyst 2960-X Specifications

General IconGeneral
Console portRJ-45
USB 2.0 ports quantity2
SFP module slots quantity4
Installed SFP modules quantity-
Gigabit Ethernet (copper) ports quantity48
Basic switching RJ-45 Ethernet ports typeGigabit Ethernet (10/100/1000)
Power sourceAC
Input current5 A
AC input voltage100 - 240 V
Power consumption (typical)60.9 W
Number of power supply units1
Redundant power supply (RPS) supportYes
Operating altitude0 - 3000 m
Non-operating altitude0 - 4000 m
Storage temperature (T-T)-25 - 70 °C
Operating temperature (T-T)-5 - 40 °C
Operating relative humidity (H-H)10 - 95 %
Switching protocolsUDP, TCP, RADIUS/TACACS+
Number of VLANs1023
Networking standardsIEEE 802.1ab, IEEE 802.1D, IEEE 802.1p, IEEE 802.1Q, IEEE 802.1s, IEEE 802.1w, IEEE 802.1x, IEEE 802.3, IEEE 802.3ab, IEEE 802.3ad, IEEE 802.3ae, IEEE 802.3af, IEEE 802.3ah, IEEE 802.3at, IEEE 802.3az, IEEE 802.3u, IEEE 802.3x, IEEE 802.3z
Throughput107.1 Mpps
Jumbo frames9216
Number of queues8
MAC address table16000 entries
Number of static routes1000
DHCP featuresDHCP server
AuthenticationMAC-based authentication, Port-based authentication
Security algorithms802.1x RADIUS, SNMP, SSH
Access Control List (ACL) rules3
Switch typeManaged
Switch layerL2/L3
SafetyUL 60950-1, CAN/CSA-C22.2 No. 60950-1, EN 60950-1, IEC 60950-1, AS/NZS 60950-1
Form factor1U
Product colorBlack
Total Power over Ethernet (PoE) budget370 W
Power over Ethernet (PoE) ports quantity24
Power over Ethernet plus (PoE+) ports quantity12
Memory typeDRAM
Noise level39 dB
Flash memory128 MB
Internal memory512 MB
Processor frequency600 MHz
Mean time between failures (MTBF)276870 h
Weight and Dimensions IconWeight and Dimensions
Depth368 mm
Width445 mm
Height45 mm
Weight5800 g

Related product manuals