HP (Hewlett-Packard) 2600 Switch User Manual


 
Web and MAC Authentication for the Series 2600/2600-PWR and 2800 Switches
How Web and MAC Authentication Operate
How Web and MAC Authentication
Operate
Authenticator Operation
Before gaining access to the network clients first present their authentication
credentials to the switch. The switch then verifies the supplied credentials
with a RADIUS authentication server. Successfully authenticated clients
receive access to the network, as defined by the System Administrator. Clients
who fail to authenticate successfully receive no network access or limited
network access as defined by the System Administrator.
Web-based Authentication
When a client connects to a Web-Auth enabled port communication is redi-
rected to the switch. A temporary IP address is assigned by the switch and a
login screen is presented for the client to enter their credentials.
Figure 3-1. Example of User Login Screen
The temporary IP address pool can be specified using the dhcp-addr and
dhcp-lease options of the aaa port-access web-based command. If SSL is
enabled on the switch and ssl-login is enabled on the port the client is
redirected to a secure login page (https://...).
The switch passes the supplied username and password to the RADIUS server
for authentication.
3-5