Command Line Interface Reference Guide

aaa

 

 

the switch considers an implicit logoff (default 300)

o 'reauth-period' sets the period of time after which connected clients must be re-authenticated. When the timeout is set to 0 the re-authentication is disabled (default 0).

o 'auth-vid' configures the VLAN to which to move a port

after successful authentication. RADIUS server can override the value. Use 'no' form of the command to set this PVID to 0. If the PVID is set to 0 no PVID changes occur unless RADIUS server requests. Changes take effect immediately. All clients must immediately re-authenticate. The default is 0.

o 'unauth-vid' configures the VLAN to which to move a port after failed authentication. Use 'no' form of the command to set this PVID to 0. Changes take effect immediately. The default is 0.

o 'reauthenticate' forces re-authentication of all clients present on a port.

Next Available Options:

web-list1-- Manage web authentication based network authentication on the device port(s). ([ethernet] PORT-LIST) (p. 57)

dhcp-addr-- Set the base address / mask for the temporary pool used by DHCP (base address default is 192.168.0.0, mask default is 24 - 255.255.255.0). (IP-ADDR/MASK-LENGTH) (p. 33)

dhcp-lease< 5 to 25 > -- Set the lease length of the IP address issued by DHCP (default 10). (NUMBER) (p. 33)

ewa-server-- IP address or hostname of the enhanced web authentication server on the device.

(p. 34)

web-list1

[no] aaa port-access web-based [ETHERNET] PORT-LIST

Manage web authentication based network authentication on the device port(s).

Next Available Options:

client-limit< 1 to 32 > -- Set the port's maximum number of authenticated clients (default 1). (NUMBER) (p. 31)

client-moves-- Set whether the client can move between ports (default disabled - no moves).(p. 31)

ssl-login-- Set whether to enable SSL login (https on port 443) (default disabled).(p. 50)

redirect-url-- Set the URL that the user should be redirected to after successful login (default none), Specify url up to 103 characters length.(p. 48)

max-retries< 1 to 10 > -- Set number of times a client can enter their credentials before authentication is considered to have failed (default 3). (NUMBER) (p. 39)

logoff-period< 1 to 9999999 > -- Set the period of time of inactivity that the switch considers an implicit logoff (default 300 seconds). (NUMBER) (p. 36)

quiet-period< 1 to 65535 > -- Set the period of time the switch does not try to authenticate (default 60 seconds). (NUMBER) (p. 47)

server-timeout< 1 to 300 > -- Set the authentication server response timeout (default 30 seconds). (NUMBER) (p. 50)

© 2009 Hewlett-Packard Development Company, L.P.

57