EasyManuals Logo

Cisco Catalyst 2960-XR User Manual

Cisco Catalyst 2960-XR
404 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #324 background imageLoading...
Page #324 background image
If authentication fails, web-based authentication forwards a Login-Fail HTML page to the user, prompting
the user to retry the login. If the user exceeds the maximum number of attempts, web-based authentication
forwards a Login-Expired HTML page to the host, and the user is placed on a watch list for a waiting period.
These sections describe the role of web-based authentication as part of AAA:
Device Roles
With web-based authentication, the devices in the network have these specific roles:
ClientThe device (workstation) that requests access to the LAN and the services and responds to
requests from the switch. The workstation must be running an HTML browser with Java Script enabled.
Authentication serverAuthenticates the client. The authentication server validates the identity of the
client and notifies the switch that the client is authorized to access the LAN and the switch services or
that the client is denied.
SwitchControls the physical access to the network based on the authentication status of the client. The
switch acts as an intermediary (proxy) between the client and the authentication server, requesting
identity information from the client, verifying that information with the authentication server, and relaying
a response to the client.
This figure shows the roles of these devices in a network.
Figure 22: Web-Based Authentication Device Roles
Host Detection
The switch maintains an IP device tracking table to store information about detected hosts.
By default, the IP device tracking feature is disabled on a switch. You must enable the IP device tracking
feature to use web-based authentication.
Note
For Layer 2 interfaces, web-based authentication detects IP hosts by using these mechanisms:
ARP based triggerARP redirect ACL allows web-based authentication to detect hosts with a static IP
address or a dynamic IP address.
Dynamic ARP inspection
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
302 OL-29434-01
Configuring Web-Based Authentication
Device Roles

Table of Contents

Other manuals for Cisco Catalyst 2960-XR

Preview: Reference
Reference52 pages
Preview: Configuration Guide
Configuration Guide196 pages
Preview: Configuration Guides
Configuration Guides120 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 2960-XR and is the answer not in the manual?

Cisco Catalyst 2960-XR Specifications

General IconGeneral
Stacking Bandwidth80 Gbps
Layer SupportLayer 2 and Layer 3
Jumbo Frame Support9198 bytes
RAM512 MB
Input Voltage100-240V AC
ModelCatalyst 2960-XR
Uplink Interfaces4 x 1G SFP or 2 x 10G SFP+
Downlink Interfaces24 or 48 x Gigabit Ethernet ports
Power SupplyInternal
MAC Address Table Size16, 000 entries
PoEAvailable on PoE models
Weight4.5 kg
Featuresenergy efficiency
StackingUp to 8 switches
Operating Temperature0 to 45°C

Related product manuals