Chapter 9
| General Security Measures
Web Authentication
– 332 –
Web Authentication
Web authentication allows stations to authenticate and access the network in
situations where 802.1X or Network Access authentication are infeasible or
impractical. The web authentication feature allows unauthenticated hosts to
request and receive a DHCP assigned IP address and perform DNS queries. All other
traffic, except for HTTP protocol traffic, is blocked. The switch intercepts HTTP
protocol traffic and redirects it to a switch-generated web page that facilitates user
name and password authentication via RADIUS. Once authentication is successful,
the web browser is forwarded on to the originally requested web page. Successful
authentication is valid for all hosts connected to the port.
Note:
RADIUS authentication must be activated and configured for the web
authentication feature to work properly (see “Authentication Sequence” on
page 248).
Note:
Web authentication cannot be configured on trunk ports.
Table 57: Web Authentication
Command Function Mode
web-auth login-attempts Defines the limit for failed web authentication login
attempts
GC
web-auth quiet-period Defines the amount of time to wait after the limit for
failed login attempts is exceeded.
GC
web-auth session-timeout Defines the amount of time a session remains valid GC
web-auth system-auth-control Enables web authentication globally for the switch GC
web-auth Enables web authentication for an interface IC
web-auth re-authenticate (Port) Ends all web authentication sessions on the port and
forces the users to re-authenticate
PE
web-auth re-authenticate (IP) Ends the web authentication session associated with the
designated IP address and forces the user to re-
authenticate
PE
show web-auth Displays global web authentication parameters PE
show web-auth interface Displays interface-specific web authentication
parameters and statistics
PE
show web-auth summary Displays a summary of web authentication port
parameters and statistics
PE
To Next Page
Loading...
Need help?
General