Accton Technology ES3528M-SFP manual Web Authentication Command Function Mode

4 Command Line Interface

Command Usage

When using a bit mask to filter displayed MAC addresses, a 1 means "care" and a 0 means "don't care". For example, a MAC of 00-00-01-02-03-04 and mask FF-FF-FF-00-00-00 would result in all MACs in the range

00-00-01-00-00-00 to 00-00-01-FF-FF-FF to be displayed. All other MACs would be filtered out.

Example

Console#show network-access mac-address-table

---- ----------------- --------------- --------- -------------------------

Console#

Web Authentication

Web authentication allows stations to authenticate and access the network in situations where 802.1X or Network Access authentication are infeasible or impractical. The web authentication feature allows unauthenticated hosts to request and receive a DHCP assigned IP address and perform DNS queries. All other traffic, except for http protocol traffic, is blocked. The switch intercepts http protocol traffic and redirects it to a switch-generated webpage that facilitates username and password authentication via RADIUS. Once authentication is successful, the web browser is forwarded on to the originally requested web page. Successful authentication is valid for all hosts connected to the port.

Notes: 1. MAC authentication, web authentication, 802.1X, and port security cannot be configured together on the same port. Only one security mechanism can be applied.

2.RADIUS authentication must be activated and configured properly for the web authentication feature to work properly. (See “Configuring Local/Remote Logon Authentication” on page 3-53)

3.Web authentication cannot be configured on trunk ports.

Table 4-37 Web Authentication

4-130