beautypg.com

Configuration procedure, Configuring a web authentication-free user, Configuring https access for web authentication – H3C Technologies H3C S3100 Series Switches User Manual

Page 469

background image

1-4

Configuration Procedure

Follow these steps to configure an Auth-Fail VLAN for Web authentication:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter port view

interface interface-type
interface-number

Configure an Auth-Fail VLAN for
Web authentication

web-authentication auth-fail
vlan authfail-vlan-id

Required

Not configured by default.

z

Different ports can be configured with different Auth-Fail VLANs, but one port can be configured

with one Auth-Fail VLAN at most.

z

If you configure both Web authentication and MAC authentication on a port and specify an MAFV

for Web authentication and an MGV for MAC authentication, the assignment of the MAFV entry for

a user will overwrite the MGV entry for the user, while the assignment of the MGV entry for a user

will not overwrite the MAFV entry for the user.

z

If the MAFV for 802.1X authentication on a port has been assigned to a user, the MAFV for Web

authentication will not take effect for the user.

Configuring a Web Authentication-Free User

Follow these steps to configure a web authentication-free user:

To do…

Use the command…

Remarks

Enter system view

system-view

In system view

web-authentication free-user ip
ip-address mac mac-address
[ interface interface-list ]

interface interface-type
interface-number

Configure a web
authentication-free
user

In Ethernet
interface view

web-authentication free-user ip
ip-address mac mac-address

Required

Use at least one
approach.

By default, no web
authentication-free user is
configured.

Configuring HTTPS Access for Web Authentication

HTTP and HTTPS can be used for interaction between an authentication client and an access device:

z

If HTTP is used, there are potential security problems because HTTP packets are transferred in

plain text;

z

If HTTPS is used, data security is ensured because HTTPS packets are transferred in ciphertext

based on SSL.

See also other documents in the category H3C Technologies Routers: