Web and MAC Authentication

Configuring Web Authentication

You can block only incoming traffic on a port before authentication occurs. Outgoing traffic with unknown destination addresses is flooded on unauthenticated ports configured for web authentication. For example, Wake-on-LAN traffic is transmitted on a web-authenti- cated egress port that has not yet transitioned to the authenticated state;

10.Test both authorized and unauthorized access to your system to ensure that Web Authentication works properly on the ports you have configured for port-access using Web Authentication.

Note

Client web browsers may not use a proxy server to access the network.

Configuration Commands for Web Authentication

Command

Page

Configuration Level

 

aaa port-access <port-list> controlled-directions <both in>

3-22

[no] aaa port-access web-based <port-list>

3-24

[auth-vid]

3-24

[clear-statistics]

3-24

[client-limit]

3-24

[dhcp-addr]

3-24

[dhcp-lease]

3-25

[ewa-server]

3-25

[logoff-period]

3-26

[max-requests]

3-26

[max-retries]

3-26

[quiet-period]

3-26

[reauth-period]

3-27

[reauthenticate]

3-27

[redirect-url]

3-27

[server-timeout]

3-27

[unauth-vid]

3-54

 

 

3-21