4-19
Web and MAC Authentication
Configuring Web Authentication
• You can block only incoming traffic on a port before authentication
occurs. Outgoing traffic with unknown destination addresses is
flooded on unauthenticated ports configured for web authentication.
For example, Wake-on-LAN traffic is transmitted on a web-authenti-
cated egress port that has not yet transitioned to the authenticated
state;
10. Test both authorized and unauthorized access to your system to ensure
that Web Authentication works properly on the ports you have configured
for port-access using Web Authentication.
Note Client web browsers may not use a proxy server to access the network.
Configuration Commands for Web Authentication
Command Page
Configuration Level
aaa port-access <port-list > controlled-directions <both | in> 4-20
[no] aaa port-access web-based <port-list > 4-22
[auth-vid] 4-22
[clear-statistics] 4-22
[client-limit] 4-22
[dhcp-addr] 4-23
[dhcp-lease] 4-23
[ewa-server]
4-23
[logoff-period] 4-24
[max-requests] 4-24
[max-retries] 4-24
[quiet-period] 4-24
[reauth-period] 4-25
[reauthenticate] 4-25
[redirect-url] 4-25
[server-timeout] 4-25
[unauth-vid] 4-53
[access-denied-message <<access-denied-str> |
< radius-response>]
To Next Page
Loading...
Need help?
General