Cisco Systems 2960 Manual De Usuario
C H A P T E R
11-1
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
11
Configuring Web-Based Authentication
This chapter describes how to configure web-based authentication. It contains these sections:
•
•
•
Note
For complete syntax and usage information for the switch commands used in this chapter, refer to the
command reference for this release.
command reference for this release.
Understanding Web-Based Authentication
Use the web-based authentication feature, known as web authentication proxy, to authenticate end users
on host systems that do not run the IEEE 802.1x supplicant.
on host systems that do not run the IEEE 802.1x supplicant.
Note
You can configure web-based authentication on Layer 2 and Layer 3 interfaces.
When you initiate an HTTP session, web-based authentication intercepts ingress HTTP packets from the
host and sends an HTML login page to the users. The users enter their credentials, which the web-based
authentication feature sends to the authentication, authorization, and accounting (AAA) server for
authentication.
host and sends an HTML login page to the users. The users enter their credentials, which the web-based
authentication feature sends to the authentication, authorization, and accounting (AAA) server for
authentication.
If authentication succeeds, web-based authentication sends a Login-Successful HTML page to the host
and applies the access policies returned by the AAA server.
and applies the access policies returned by the AAA server.
If authentication fails, web-based authentication forwards a Login-Fail HTML page to the user,
prompting the user to retry the login. If the user exceeds the maximum number of attempts, web-based
authentication forwards a Login-Expired HTML page to the host, and the user is placed on a watch list
for a waiting period.
prompting the user to retry the login. If the user exceeds the maximum number of attempts, web-based
authentication forwards a Login-Expired HTML page to the host, and the user is placed on a watch list
for a waiting period.
These sections describe the role of web-based authentication as part of AAA:
•
•
•
•