1-4
Configuration Procedure
Follow these steps to configure an Auth-Fail VLAN for Web authentication:
To do… Use the command… Remarks
Enter system view
system-view
—
Enter port view
interface
interface-type
interface-number
—
Configure an Auth-Fail VLAN for
Web authentication
web-authentication auth-fail
vlan
authfail-vlan-id
Required
Not configured by default.
z Different ports can be configured with different Auth-Fail VLANs, but one port can be configured
with one Auth-Fail VLAN at most.
z If you configure both Web authentication and MAC authentication on a port and specify an MAFV
for Web authentication and an MGV for MAC authentication, the assignment of the MAFV entry for
a user will overwrite the MGV entry for the user, while the assignment of the MGV entry for a user
will not overwrite the MAFV entry for the user.
z If the MAFV for 802.1X authentication on a port has been assigned to a user, the MAFV for Web
authentication will not take effect for the user.
Configuring a Web Authentication-Free User
Follow these steps to configure a web authentication-free user:
To do… Use the command… Remarks
Enter system view
system-view
—
In system view
web-authentication free-user ip
ip-address
mac
mac-address
[
interface
interface-list ]
interface
interface-type
interface-number
Configure a web
authentication-free
user
In Ethernet
interface view
web-authentication free-user ip
ip-address
mac
mac-address
Required
Use at least one
approach.
By default, no web
authentication-free user is
configured.
Configuring HTTPS Access for Web Authentication
HTTP and HTTPS can be used for interaction between an authentication client and an access device:
z If HTTP is used, there are potential security problems because HTTP packets are transferred in
plain text;
z If HTTPS is used, data security is ensured because HTTPS packets are transferred in ciphertext
based on SSL.
To Next Page
Loading...
Need help?
General