Specifications
8-38 AAA Commands
set authentication web
Configuresanauthenticationruletoallowausertologintothenetworkusingawebpageserved
bytheRoamAboutswitch.Therulecanbeactivatediftheuserisnototherwisegrantedordenied
accessby802.1X,orgrantedaccessbyMACauthentication.
Syntax
set authentication web {ssid ssid-name | wired} user-glob method1 [method2]
[method3] [method4]
Parameters
Default
Bydefault,authenticationisunconfiguredforallclientswithnetworkaccessthroughAPportsor
wiredauthenticationportsontheRAS.Connection,authorization,andaccountingarealso
disabledfortheseusers.
Mode
Enabled.
Usage
Youcanconfiguredifferentauthenticationmethodsfordifferentgroupsofusersby“globbing.”
(Fordetails,see“UserGlobs”onpage 1‐3.)
user‐glob Asingleuserorasetofusers.
Specifyausername,usethedouble‐asteriskwildcardcharacter(**)tospecifyall
usernames,orusethesingle‐asterisk
wildcardcharacter (*)tospecifyasetof
usernamesuptoorfollowingthefirstdelimitercharacter—eitheranatsign(@)or
aperiod(.).(Fordetails,see“UserGlobs”onpage 1‐3.)
ssidssid‐
name
SSIDnametowhichthisauthenticationruleapplies.Toapplytheruletoall
SSIDs,
typeany.
wired Appliesthisauthenticationrulespecificallytousersconnectedtoawired
authenticationport.
method1
method2
method3
method4
AtleastoneanduptofourmethodsthatMSSusestohandleauthentication.
Specifyoneormoreofthefollowingmethodsinpriorityorder.MSSapplies
multiplemethodsintheorderyouenter
them.
Amethodcanbeoneofthefollowing:
• local—UsesthelocaldatabaseofusernamesandusergroupsontheRASfor
authentication.
• server‐group‐name—UsesthedefinedgroupofRADIUSserversfor
authentication.YoucanenteruptofournamesofexistingRADIUSserver
groupsasmethods.
RADIUSservers
cannotbeusedwiththeEAP‐TLSprotocol.
Formoreinformation,see“Usage.”