11-16
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter11 Configuring Web-Based Authentication
Configuring Web-Based Authentication
This example shows how to determine whether any connected hosts are in the AAADown state:
Switch# show ip admission cache
Authentication Proxy Cache
Client IP 209.165.201.11 Port 0, timeout 60, state ESTAB (AAA Down)
This example shows how to view detailed information about a particular session based on the host IP
address:
Switch# show ip admission cache 209.165.201.11
Address : 209.165.201.11
MAC Address : 0000.0000.0000
Interface : Vlan333
Port : 3999
Timeout : 60
Age : 1
State : AAA Down
AAA Down policy : AAA_FAIL_POLICY
Configuring the Web-Based Authentication Parameters
You can configure the maximum number of failed login attempts before the client is placed in a watch
list for a waiting period.
This example shows how to set the maximum number of failed login attempts to 10:
Switch(config)# ip admission max-login-attempts 10
Configuring a Web Authentication Local Banner
Beginning in privileged EXEC mode, follow these steps to configure a local banner on a switch that has
web authentication configured.
Command Purpose
Step1 ip admission max-login-attempts number Set the maximum number of failed login attempts. The
range is 1 to 2147483647 attempts. The default is 5.
Step2 end Returns to privileged EXEC mode.
Step3 show ip admission configuration Display the authentication proxy configuration.
Step4 show ip admission cache Display the list of authentication entries.
Step5 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ip admission auth-proxy-banner http
[banner-text | file-path]
Enable the local banner.
(Optional) Create a custom banner by entering C banner-text C, where
C is a delimiting character or a file-path indicates a file (for example, a
logo or text file) that appears in the banner.