Web authentication allows stations to authenticate and access the network in situations where 802.1X or Network Access authentication are infeasible or impractical. The web authentication feature allows unauthenticated hosts to request and receive a DHCP assigned IP address and perform DNS queries. All other traffic, except for HTTP protocol traffic, is blocked. The switch intercepts HTTP protocol traffic and redirects it to a switch-generated web page that facilitates user name and password authentication via RADIUS. Once authentication is successful, the web browser is forwarded on to the originally requested web page. Successful authentication is valid for all hosts connected to the port.
Note: RADIUS authentication must be activated and configured properly for the web authentication feature to work properly.
Note: Web authentication cannot be configured on trunk ports.
Use the Security > Web Authentication (Configure Global) page to edit the global parameters for web authentication.
Enables web authentication for the switch. (Default: Disabled)
Note that this feature must also be enabled for any port where required under the Configure Interface menu.
Configures how long an authenticated session stays active before it must re-authenticate itself. (Range: 300-3600 seconds; Default: 3600 seconds)
Configures how long a host must wait to attempt authentication again after it has exceeded the maximum allowable failed login attempts. (Range: 1-180 seconds; Default: 60 seconds)
Configures the amount of times a supplicant may attempt and fail authentication before it must wait the configured quiet period. (Range: 1-3 attempts; Default: 3 attempts)
Use the Security > Web Authentication (Configure Interface) page to enable web authentication on a port, and display information for any connected hosts.
Indicates the port being configured.
Configures the web authentication status for the port.
Indicates the IP address of each connected host.
Indicates the remaining time until the current authorization session for the host expires.
Enables web authentication if the Status box is checked.
Ends all authenticated web sessions for selected host IP addresses in the Authenticated Host List, and forces the users to re-authenticate.