Web authentication, Web-auth login-attempts, Table 4-45 – LevelOne FGL-2870 User Manual

Page 539

General Security Measures

4-173

Web Authentication

Web authentication allows stations to authenticate and access the network in
situations where 802.1X or Network Access authentication are infeasible or
impractical. The web authentication feature allows unauthenticated hosts to request
and receive a DHCP assigned IP address and perform DNS queries. All other traffic,
except for HTTP protocol traffic, is blocked. The switch intercepts HTTP protocol
traffic and redirects it to a switch-generated web page that facilitates user name and
password authentication via RADIUS. Once authentication is successful, the web
browser is forwarded on to the originally requested web page. Successful
authentication is valid for all hosts connected to the port.

Notes: 1.

RADIUS authentication must be activated and configured for the web
authentication feature to work properly (see ’Configuring Local/Remote
Logon Authentication" on page 3-72).

Web authentication cannot be configured on trunk ports.

web-auth login-attempts

This command defines the limit for failed web authentication login attempts. After the
limit is reached, the switch refuses further login attempts until the quiet time expires.
Use the no form to restore the default.

Syntax

web-auth login-attempts count
no web-auth login-attempts

count - The limit of allowed failed login attempts. (Range: 1-3)

Table 4-45 Web Authentication

Command

Function

Mode

Page

web-auth login-attempts

Defines the limit for failed web authentication login

attempts

4-173