DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual
183
Web Authentication
Web authentication, also known as Web-based Access Control, is a nother port based access control method
implemented similarily to the 802.1X port based access control method previ ously s tated. This f unction will allow user
authentication through a RADIUS server or through the local authenticat ion set o n the Switc h when a user is trying to
access the network via the switch, if the port connected to the user is enab led for this feature.
The user attempting to gain web access will be prompted for a username and password b efore being allowed to
accept HTTP packets from the Switch. When a client attempts to access a website, that por t is placed in the
authentication VLAN set by the user. All clients in this authentication VLAN wi ll be queried for authentication b y the
local method or through a RADIUS server. Once accepted, the us er will be placed in a t arget VLAN on the Sw itch
where it will have rights and privileges to openly access the Internet. If denied acces s, no pack ets will pas s throug h t o
the user and thus, that user will be returned to the authentication VLAN from where it came and the authentication
procedure will have to be reattempted by the user.
Once a client has been authenticated on a particular port, that port will be plac ed in t he pre-c onfigur ed VLAN and a ny
other clients on that port will be automatically authenticated to access the sp ecified Re direction Path U RL, as well as
the authenticated client.
Here is an example of the basic six step process all parties of the authentication go through f or a successful Web-
based Access Control process.