Web and MAC Authentication for the Series 2600/2600-PWR and 2800 Switches
Configuring MAC Authentication on the Switch
Syntax: [no] aaa port-access web-based [e] < port-list > [ssl-login]]
Enables or disables SSL login (https on port 443). SSL
must be enabled on the switch.
If SSL login is enabled, a user is redirected to a secure
page, where they enter their username and password.
If SSL login is disabled, a user is not redirected to a
secure page to enter their credentials.
Use the no form of the command to disable SSL login.
(Default: disabled)
Syntax: aaa port-access web-based [e] < port-list > [unauth-vid <vid>]
no aaa port-access web-based [e] < port-list > [unauth-vid]
Specifies the VLAN to use for a client that fails authen-
tication. If unauth-vid is 0, no VLAN changes occur.
Use the no form of the command to set the unauth-vid to 0.
(Default: 0)
Configuring MAC Authentication on the
Switch
This feature is available only on the Series 2600, 2600-PWR, and 2800
Switches.
Overview
1. If you have not already done so, configure a local username and password
pair on the switch.
2. If you plan to use multiple VLANs with MAC Authentication, ensure that
these VLANs are configured on the switch and that the appropriate port
assignments have been made.
3. Use the ping command in the switch console interface to ensure that the
switch can communicate with the RADIUS server you have configured to
support MAC-Auth on the switch.
4. Configure the switch with the correct IP address and encryption key to
access the RADIUS server.
3-22