C
HAPTER
24
| General Security Measures
Web Authentication
– 885 –
show
network-access
mac-filter
Use this command to display information for entries in the MAC filter
tables.
SYNTAX
show network-access mac-filter [filter-id]
filter-id - Specifies a MAC address filter table. (Range: 1-64)
DEFAULT SETTING
Displays all filters.
COMMAND MODE
Privileged Exec
EXAMPLE
Console#show network-access mac-filter
Filter ID MAC Address MAC Mask
--------- ----------------- -----------------
1 00-00-01-02-03-08 FF-FF-FF-FF-FF-FF
Console#
WEB AUTHENTICATION
Web authentication allows stations to authenticate and access the network
in situations where 802.1X or Network Access authentication are infeasible
or impractical. The web authentication feature allows unauthenticated
hosts to request and receive a DHCP assigned IP address and perform DNS
queries. All other traffic, except for HTTP protocol traffic, is blocked. The
switch intercepts HTTP protocol traffic and redirects it to a switch-
generated web page that facilitates user name and password
authentication via RADIUS. Once authentication is successful, the web
browser is forwarded on to the originally requested web page. Successful
authentication is valid for all hosts connected to the port.
N
OTE
:
RADIUS authentication must be activated and configured for the web
authentication feature to work properly (see "Authentication Sequence" on
page 806).
N
OTE
:
Web authentication cannot be configured on trunk ports.
Table 90: Web Authentication
Command Function Mode
web-auth login-attempts Defines the limit for failed web authentication login
attempts
GC
web-auth quiet-period Defines the amount of time to wait after the limit for
failed login attempts is exceeded.
GC
web-auth session-timeout Defines the amount of time a session remains valid GC
To Next Page
Loading...
Need help?
General
