4-64
Web and MAC Authentication
Configuring MAC Authentication on the Switch
Using the CLI. To reauthenticate a client using the CLI, use this command:
HP Switch(config)# aaa port-access mac-based
<single-port> reauthenticate
mac-addr <MAC address>
The keyword mac-addr specifies single client reauthentication. If the
reauthenticate parameter is entered without the mac-addr keyword and MAC
address, the command is executed as port reauthentication—all clients on a
port are reauthenticated.
Configuring the Registration Server URL
To configure the registration server URL, the command is:
HP Switch(config)# aaa port-access mac-based
unauth-redirect <URL>
For example:
HP Switch(config)# aaa port-access mac-based
unauth-redirect https://serverA.com:124/
registration server/reg.html
Unconfiguring a MAC-Auth Registration Server
Each configured registration server’s URL must be removed by specifying it
exactly, for example:
HP Switch(config)# no aaa port-access mac-based
unauth-redirect https://serverA.com:124/
registration server/reg.html
Operating Notes for HTTP Redirect
â– If the configured URL contains a domain name (as opposed to an IP
address) the switch’s DNS resolver must be configured:
HP Switch(config)# ip dns server-address priority
1 <ipv4-address>
â– The NAT does an IP route lookup before it sends the packet to the
destination registration server. A VLAN must have been configured
that allows the switch to access the registration server.
â– The initial page, redirect server, and filter path configuration will be
per-switch.
To Next Page
Loading...
Need help?
General