Manualshelf

Configuration Guide (Supporting R2.2.0.0) Owner's manual

ManualsBrandsBrocade ManualsComputer Accessories6910 Ethernet Access Switch
261262263264265266267268269270
206 Brocade 6910 Ethernet Access Switch Configuration Guide
53-1002651-02
10
Web Authentication
Web Authentication
Web authentication allows stations to authenticate and access the network in situations where
802.1X or Network Access authentication are infeasible or impractical. The web authentication
feature allows unauthenticated hosts to request and receive a DHCP assigned IP address and
perform DNS queries. All other traffic, except for HTTP protocol traffic, is blocked. The switch
intercepts HTTP protocol traffic and redirects it to a switch-generated web page that facilitates user
name and password authentication via RADIUS. Once authentication is successful, the web
browser is forwarded on to the originally requested web page. Successful authentication is valid for
all hosts connected to the port.
NOTE
RADIUS authentication must be activated and configured for the web authentication feature to work
properly (see Authentication Sequence” on page 142).
Web authentication cannot be configured on trunk ports.
web-auth login-attempts
This command defines the limit for failed web authentication login attempts. After the limit is
reached, the switch refuses further login attempts until the quiet time expires. Use the no form to
restore the default.
Syntax
web-auth login-attempts count
no web-auth login-attempts
count - The limit of allowed failed login attempts. (Range: 1-3)
TABLE 52 Web Authentication
Command Function Mode
web-auth login-attempts Defines the limit for failed web authentication login attempts GC
web-auth quiet-period Defines the amount of time to wait after the limit for failed
login attempts is exceeded.
GC
web-auth session-timeout Defines the amount of time a session remains valid GC
web-auth system-auth-control Enables web authentication globally for the switch GC
web-auth Enables web authentication for an interface IC
web-auth re-authenticate (Port) Ends all web authentication sessions on the port and forces
the users to re-authenticate
PE
web-auth re-authenticate (IP) Ends the web authentication session associated with the
designated IP address and forces the user to re-authenticate
PE
show web-auth Displays global web authentication parameters PE
show web-auth interface Displays interface-specific web authentication parameters
and statistics
PE
show web-auth summary Displays a summary of web authentication port parameters
and statistics
PE