EasyManuals Logo

Cisco Catalyst 4500 Series Software Configuration Guide

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1430 background imageLoading...
Page #1430 background image
52-2
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 52 Configuring Web-Based Authentication
About Web-Based Authentication
• Authentication Process, page 52-3
• Customization of the Authentication Proxy Web Pages, page 52-4
• Web-Based Authentication Interactions with Other Features, page 52-4
Device Roles
With web-based authentication, the devices in the network have specific roles (Figure 52-1).
Figure 52-1 Web-Based Authentication Device Roles
The roles are as follows:
• Client—The device (workstation) that requests access to the LAN and switch services and responds
to requests from the switch. The workstation must be running an HTML browser with Java Script
enabled.
• Authentication server—Performs the actual authentication of the client. The authentication server
validates the identity of the client and notifies the switch that the client is authorized to access the
LAN and switch services or that the client is denied.
• Switch—Controls the physical access to the network based on the authentication status of the client.
The switch acts as an intermediary (proxy) between the client and the authentication server,
requesting identity information from the client, verifying that information with the authentication
server, and relaying a response to the client.
Host Detection
The switch maintains an IP device tracking table to store information about detected hosts.
Note By default, the IP device tracking feature is disabled on a switch. You must enable the IP device tracking
feature to use web-based authentication.
For Layer 3 interfaces, web-based authentication sets an HTTP intercept ACL when the feature is
configured on the interface (or when the interface is put in service).
For Layer 2 interfaces, web-based authentication detects IP hosts using the following mechanisms:
• ARP-based trigger—ARP redirect ACL allows web-based authentication to detect hosts with static
IP address or dynamically acquired IP address.
• Dynamic ARP inspection (DAI)

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals