Web authentication, Figure 3-64, Configuring port security – LevelOne FGL-2870 User Manual
Page 165
General Security Measures
3-111
3
Web – Click Security, Port Security. Set the action to take when an invalid address is
detected on a port, mark the checkbox in the Status column to enable security for a
port, set the maximum number of MAC addresses allowed on a port, and click Apply.
Figure 3-64 Configuring Port Security
CLI – This example selects the target port, sets the port security action to send a
trap and disable the port, specifies the maximum number of MAC addresses allowed
on the port, and then enables port security for the port.
Web Authentication
Web authentication allows stations to authenticate and access the network in
situations where 802.1X or Network Access authentication are infeasible or
impractical. The web authentication feature allows unauthenticated hosts to request
and receive a DHCP assigned IP address and perform DNS queries. All other traffic,
except for HTTP protocol traffic, is blocked. The switch intercepts HTTP protocol
traffic and redirects it to a switch-generated web page that facilitates username and
password authentication via RADIUS. Once authentication is successful, the web
browser is forwarded on to the originally requested web page. Successful
authentication is valid for all hosts connected to the port.
Notes: 1.
RADIUS authentication must be activated and configured properly for the
web authentication feature to work properly. (See "Configuring Local/Remote
Logon Authentication" on page 3-72)
2.
Web authentication cannot be configured on trunk ports.
Console(config)#interface ethernet 1/5
Console(config-if)#port security action trap-and-shutdown
Console(config-if)#port security max-mac-count 20
Console(config-if)#port security
Console(config-if)#