11-11
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter11 Configuring Web-Based Authentication
Configuring Web-Based Authentication
This example shows how to verify the configuration:
Switch# show ip admission configuration
Authentication Proxy Banner not configured
Authentication global cache time is 60 minutes
Authentication global absolute time is 0 minutes
Authentication global init state time is 2 minutes
Authentication Proxy Watch-list is disabled
Authentication Proxy Rule Configuration
Auth-proxy name webauth1
http list not specified inactivity-time 60 minutes
Authentication Proxy Auditing is disabled
Max Login attempts per user is 5
Configuring AAA Authentication
This example shows how to enable AAA:
Switch(config)# aaa new-model
Switch(config)# aaa authentication login default group tacacs+
Switch(config)# aaa authorization auth-proxy default group tacacs+
Configuring Switch-to-RADIUS-Server Communication
RADIUS security servers identification:
Host name
Host IP address
Host name and specific UDP port numbers
IP address and specific UDP port numbers
Command Purpose
Step1 aaa new-model Enables AAA functionality.
Step2 aaa authentication login default group {tacacs+ |
radius}
Defines the list of authentication methods at login.
Step3 aaa authorization auth-proxy default group {tacacs+
| radius}
Create an authorization method list for web-based
authorization.
Step4 tacacs-server host {hostname | ip_address} Specify an AAA server. For RADIUS servers, see the
“Configuring Switch-to-RADIUS-Server
Communication” section on page11-11.
Step5 tacacs-server key {key-data} Configure the authorization and encryption key used
between the switch and the TACACS server.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.