Configuration Commands For Web Authentication - HP 3500yl Series Access Security Manual

Note
• You can block only incoming traffic on a port before authentication
occurs. Outgoing traffic with unknown destination addresses is
flooded on unauthenticated ports configured for web authentication.
For example, Wake-on-LAN traffic is transmitted on a web-authenti-
cated egress port that has not yet transitioned to the authenticated
state;
10. Test both authorized and unauthorized access to your system to ensure
that Web Authentication works properly on the ports you have configured
for port-access using Web Authentication.
Client web browsers may not use a proxy server to access the network.

Configuration Commands for Web Authentication

Command
Configuration Level
aaa port-access <port-list > controlled-directions <both | in>
[no] aaa port-access web-based <port-list >
[auth-vid]
[clear-statistics]
[client-limit]
[dhcp-addr]
[dhcp-lease]
[ewa-server]
[logoff-period]
[max-requests]
[max-retries]
[quiet-period]
[reauth-period]
[reauthenticate]
[redirect-url]
[server-timeout]
[unauth-vid]
[access-denied-message <<access-denied-str> |
< radius-response>]
Web and MAC Authentication
Configuring Web Authentication
Page
4-20
4-22
4-22
4-22
4-22
4-23
4-23
4-23
4-24
4-24
4-24
4-24
4-25
4-25
4-25
4-25
4-53
4-19