Web and MAC Authentication

Configuring Web Authentication

Configuring Web Authentication

Overview

1.If you have not already done so, configure a local username and password pair on the switch.

2.Identify or create a redirect URL for use by authenticated clients. Pro- Curve recommends that you provide a redirect URL when using Web Authentication. If a redirect URL is not specified, web browser behavior following authentication may not be acceptable.

3.If you plan to use multiple VLANs with Web Authentication, ensure that these VLANs are configured on the switch and that the appropriate port assignments have been made. Also, confirm that the VLAN used by authorized clients can access the redirect URL.

4.Use the ping command in the switch console interface to ensure that the switch can communicate with the RADIUS server you have configured to support Web-Auth on the switch.

5.Configure the switch with the correct IP address and encryption key to access the RADIUS server.

6.(Optional) To use SSL encryption for web authentication login, configure and enable SSL on the switch.

7.Enable web authentication on the switch ports you want to use.

8.Configure the optional settings that you want to use for web authentica- tion; for example:

To avoid address conflicts in a secure network, configure the base IP address and mask to be used by the switch for temporary DHCP addresses. You can also set the lease length for these temporary IP addresses.

To use SSL encryption for web authentication login, configure the SSL option.

To redirect authorized clients to a specified URL, configure the Redi- rect URL option.

9.Configure how web-authenticator ports transmit traffic before they suc- cessfully authenticate a client and enter the authenticated state:

You can block incoming and outgoing traffic on a port before authen- tication occurs.

3-20