beautypg.com

Web authentication, Web-auth login-attempts, Table 52 – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 262

background image

206

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002651-02

10

Web Authentication

Web Authentication

Web authentication allows stations to authenticate and access the network in situations where
802.1X or Network Access authentication are infeasible or impractical. The web authentication
feature allows unauthenticated hosts to request and receive a DHCP assigned IP address and
perform DNS queries. All other traffic, except for HTTP protocol traffic, is blocked. The switch
intercepts HTTP protocol traffic and redirects it to a switch-generated web page that facilitates user
name and password authentication via RADIUS. Once authentication is successful, the web
browser is forwarded on to the originally requested web page. Successful authentication is valid for
all hosts connected to the port.

NOTE

RADIUS authentication must be activated and configured for the web authentication feature to work
properly (see

“Authentication Sequence”

on page 142).

Web authentication cannot be configured on trunk ports.

web-auth login-attempts

This command defines the limit for failed web authentication login attempts. After the limit is
reached, the switch refuses further login attempts until the quiet time expires. Use the no form to
restore the default.

Syntax

web-auth login-attempts count

no web-auth login-attempts

count - The limit of allowed failed login attempts. (Range: 1-3)

TABLE 52

Web Authentication

Command

Function

Mode

web-auth login-attempts

Defines the limit for failed web authentication login attempts GC

web-auth quiet-period

Defines the amount of time to wait after the limit for failed
login attempts is exceeded.

GC

web-auth session-timeout

Defines the amount of time a session remains valid

GC

web-auth system-auth-control

Enables web authentication globally for the switch

GC

web-auth

Enables web authentication for an interface

IC

web-auth re-authenticate (Port)

Ends all web authentication sessions on the port and forces
the users to re-authenticate

PE

web-auth re-authenticate (IP)

Ends the web authentication session associated with the
designated IP address and forces the user to re-authenticate

PE

show web-auth

Displays global web authentication parameters

PE

show web-auth interface

Displays interface-specific web authentication parameters
and statistics

PE

show web-auth summary

Displays a summary of web authentication port parameters
and statistics

PE