Support User Manuals

Accton Technology ES3528M-SFP Switch User Manual

Open as PDF

of 644

Command Line Interface

4-130

4

Command Usage

When using a bit mask to filter displayed MAC addresses, a 1 means "care"

and a 0 means "don't care". For example, a MAC of 00-00-01-02-03-04 and

mask FF-FF-FF-00-00-00 would result in all MACs in the range

00-00-01-00-00-00 to 00-00-01-FF-FF-FF to be displayed. All other MACs

would be filtered out.

Example

Web Authentication

Web authentication allows stations to authenticate and access the network in

situations where 802.1X or Network Access authentication are infeasible or

impractical. The web authentication feature allows unauthenticated hosts to request

and receive a DHCP assigned IP address and perform DNS queries. All other traffic,

except for http protocol traffic, is blocked. The switch intercepts http protocol traffic

and redirects it to a switch-generated webpage that facilitates username and

password authentication via RADIUS. Once authentication is successful, the web

browser is forwarded on to the originally requested web page. Successful

authentication is valid for all hosts connected to the port.

Notes: 1.

MAC authentication, web authentication, 802.1X, and port security cannot be

configured together on the same port. Only one security mechanism can be

applied.

2. RADIUS authentication must be activated and configured properly for the

web authentication feature to work properly. (See “Configuring Local/Remote

Logon Authentication” on page 3-53)

3. Web authentication cannot be configured on trunk ports.

Console#show network-access mac-address-table

---- ----------------- --------------- --------- -------------------------

Port MAC-Address RADIUS-Server Attribute Time

---- ----------------- --------------- --------- -------------------------

1/1 00-00-01-02-03-04 172.155.120.17 Static 00d06h32m50s

1/1 00-00-01-02-03-05 172.155.120.17 Dynamic 00d06h33m20s

1/1 00-00-01-02-03-06 172.155.120.17 Static 00d06h35m10s

1/3 00-00-01-02-03-07 172.155.120.17 Dynamic 00d06h34m20s

Console#

Table 4-37 Web Authentication

Command Function Mode Page

web-auth

login-attempts

Defines the limit for failed web authentication login

attempts

GC 4-131

web-auth

login-fail-page-url

Defines the external URL to which a host is directed after

a failed web authentication attempt

GC 4-131

web-auth

login-page-url

Defines the external URL to which a host is directed to

complete web authentication

GC 4-132

web-auth

login-success-page-url

Defines the external URL to which a host is directed after

a successful web authentication

GC 4-132

previous next