Enterasys Networks 1G58x-09, 1H582-xx, E1 Series 14.3.5 Configuring Port Web Authentication (PWA) About PWA

Security Configuration Command Set

Configuring Port Web Authentication (PWA)

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide 14-63

14.3.5 Configuring Port Web Authentication (PWA)About PWA

PWA provides a way of authenticating a user on a switch port before allowing the user general

access to the network. PWA locks down a port a user is attached to until after the user successfully

logs in via a web browser and Secure HarbourTM — Enterasys Networks’ web-based security

interface — to access the Matrix E1 device. The device will pass all login information from the end

station to a RADIUS server for authentication before turning the port on.

PWA is an alternative to 802.1X and MAC authentication. It allows only the essential protocols and

services required by the authentication process on the segment between the end-station and the

switch port. All other traffic is discarded. When a user is in the unauthenticated state, any traffic

generated by the end-station will not go beyond the switch port to which the user is connected.

To log on using PWA, the user makes a request via a web browser for the Secure Harbour web page.

Depending upon the authenticated state of the port, a login page or a logout page will display. When

a user submits a login page with a configured username and password, the switch then authenticates

the user via a preconfigured RADIUS server. If the login is successful, then the port that the

end-station is connected to will be turned on and full network access will be granted according to

the user’s port configuration on the switch.

Purpose

To review, enable, disable, and configure Port Web Authentication (PWA).

Commands

The commands needed to review and configure PWA are listed below and described in the

associated section as shown:

•show pwa (Section 14.3.5.1)

•set pwa (Section 14.3.5.2)

•set pwa hostname (Section 14.3.5.3)

•set pwa displaylogo (Section 14.3.5.4)

•set pwa refreshtime (Section 14.3.5.5)

NOTE: Port Web Authentication cannot be enabled if either MAC authentication or

EAPOL (802.1X) is enabled. For information on disabling 802.1X, refer to

Section 14.3.2.8. For information on disabling MAC authentication, refer to

Section 14.3.3.3.