beautypg.com

Setting the web authentication failover sequence, Passcodes for user authentication, Configuring passcode authentication – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 299: 298 or

background image

To revert back to using the RADIUS server, enter the following command.

device(config-vlan-10-webauth)# auth-mode username-password auth-methods radius

Syntax: auth-mode username-password auth-methods radius

Setting the web authentication failover sequence

You can optionally specify a failover sequence for RADIUS and local user database authentication
methods. For example, you can configure Web Authentication to first use a local user database to
authenticate users in a VLAN. If the local user database is not available, it will use a RADIUS server.
Enter the following command.

device(config-vlan-10-webauth)# auth-mode username-password auth-methods local radius

Syntax: auth-mode username-password auth-methods method1 method2

For method1method2, enter radiuslocal or local radius .

Assigning a local user database to a web authentication VLAN

After creating or importing a local user database on the FastIron switch and setting the local user
database authentication method to local , you can configure a Web Authentication VLAN to use the
database to authenticate users in a VLAN. To do so, enter a command such as the following.

device(config-vlan-10-webauth)# auth-mode username-password local-user-database

userdb1

These commands configure Web Authentication to use the usernames and passwords in the userdb1
database to authenticate users in VLAN 10.

Syntax: [no] auth-mode username-password local-user-database db-name

For db-name , enter a valid local user database.

Use the no form of the command to remove the database from the Web Authentication VLAN.

Passcodes for user authentication

Web Authentication supports the use of passcodes to authenticate users. Users are blocked from
accessing the switch until they enter a valid passcode on a web login page. Unlike username and
password authentication, passcode authentication uses a simple number to authenticate users. The
simplicity of a passcode reduces user errors and lowers the overhead of supporting and managing
simple tasks, such as Internet access for guests and visitors in the office.

When passcodes are enabled, the system will automatically generate them every 1440 minutes (24
hours), and when the system boots up. You can optionally create up to four static passcodes which will
be used in conjunction with the dynamic passcodes generated by the system.

Configuring passcode authentication

Follow the steps given below to configure the device to use the passcode authentication mode.

1. Optionally create up to four static passcodes
2. Enable passcode authentication
3. Configure other options

Setting the web authentication failover sequence

FastIron Ethernet Switch Security Configuration Guide

299

53-1003088-03

See also other documents in the category Brocade Computer Accessories: