How web and mac authentication operate, Authenticator operation, Web-based authentication – HP 2600 Series User Manual

3-5

Web and MAC Authentication for the Series 2600/2600-PWR and 2800 Switches

How Web and MAC Authentication Operate

How Web and MAC Authentication
Operate

Authenticator Operation

Before gaining access to the network clients first present their authentication
credentials to the switch. The switch then verifies the supplied credentials
with a RADIUS authentication server. Successfully authenticated clients
receive access to the network, as defined by the System Administrator. Clients
who fail to authenticate successfully receive no network access or limited
network access as defined by the System Administrator.

Web-based Authentication

When a client connects to a Web-Auth enabled port communication is redi-
rected to the switch. A temporary IP address is assigned by the switch and a
login screen is presented for the client to enter their credentials.

Figure 3-1. Example of User Login Screen

The temporary IP address pool can be specified using the

dhcp-addr and

dhcp-lease options of the aaa port-access web-based command. If SSL is
enabled on the switch and

ssl-login is enabled on the port the client is

redirected to a secure login page (https://...).

The switch passes the supplied username and password to the RADIUS server
for authentication.