14-11
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 14 Configuring Web-Based Authentication
How to Configure Web-Based Authentication
How to Configure Web-Based Authentication

Configuring the Authentication Rule and Interfaces

Configuring AAA Authentication

Command Purpose
Step 1 ip admission name name proxy http Configures an authentication rule for web-based authorization.
Step 2 interface type slot/port Enters interface configuration mode and specifies the ingress Layer 2
interface to be enabled for web-based authentication.
type can be Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet.
Step 3 ip access-group name Applies the default ACL.
Step 4 ip admission name Configures web-based authentication on the specified interface.
Step 5 exit Returns to configuration mode.
Step 6 ip device tracking Enables the IP device tracking table.
Step 7 end Returns to privileged EXEC mode.
Step 8 show ip admission configuration Displays the configuration.
Command Purpose
Step 1 aaa new-model Enables AAA functionality.
Step 2 aaa authentication login default group {tacacs+
| radius}
Defines the list of authentication methods at login.
Step 3 aaa authorization auth-proxy default group
{tacacs+ | radius}
Creates an authorization method list for web-based
authorization.
Step 4 radius-server host {hostname | ip-address} test
username username
Specifies an AAA server.
Specifies the host name or IP address of the remote RADIUS
server.
The test username username option enables automated testing
of the RADIUS server connection. The specified username does
not need to be a valid user name.
Step 5 radius-server key string Configures the authorization and encryption key used between
the switch and the RADIUS daemon running on the RADIUS
server. To use multiple RADIUS servers, reenter this command
for each server.