beautypg.com

Creating static passcodes, Enabling passcode authentication, Configuring the passcode refresh method – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 300

background image

Creating static passcodes

Static passcodes can be used for troubleshooting purposes, or for networks that want to use passcode
authentication, but do not have the ability to support automatically-generated passcodes (for example,
the network does not fully support the use of SNMP traps or Syslog messages with passcodes).

Manually-created passcodes are used in conjunction with dynamic passcodes . You can configure up
to four static passcodes that never expire. Unlike dynamically-created passcodes, static passcodes
are saved to flash memory. By default, there are no static passcodes configured on the switch.

To create static passcodes, enter commands such as the following.

device(config-vlan-10-webauth)# auth-mode passcode static 3267345

device(config-vlan-10-webauth)# auth-mode passcode static 56127

Syntax: auth-mode passcode static passcode

For passcode , enter a number from 4 to 16 digits in length. You can create up to four static
passcodes, each with a different length. Static passcodes do not have to be the same length as
passcodes that are automatically generated.

After creating static passcodes, you can enable passcode authentication as described in the next
section.

To view the passcodes configured on the switch, use the show webauth vlan vlan-id passcode
command. Refer to

Displaying passcodes

on page 321.

Enabling passcode authentication

To enable passcode authentication, enter the following command.

device(config-vlan-10-webauth)# auth-mode passcode

This command enables Web Authentication to use dynamically-created passcodes to authenticate
users in the VLAN. If the configuration includes static passcodes, they are used in conjunction with
dynamically-created passcodes.

Syntax: [no] auth-mode passcode

Enter no auth-mode passcode to disable passcode authentication.

Configuring the length of dynamically-generated passcodes

By default, dynamically-generated passcodes are 4 digits in length, for example, 0123. If desired, you
can increase the passcode length to up to 16 digits. To do so, enter a command such as the following
at the Web Authentication level of the CLI.

device(config-vlan-10-webauth)# auth-mode passcode length 10

The next dynamically-created passcode will be 10 digits in length, for example, 0123456789.

Syntax: auth-mode passcode length value

For value , enter a number from 4 to 16.

Configuring the passcode refresh method

Passcode authentication supports two passcode refresh methods:

Creating static passcodes

300

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: