Web Login Authentication Using Smart Cards - AudioCodes Mediant 3000 User Manual

7.6

Web Login Authentication using Smart Cards

You can enable Web login authentication using certificates from a third-party, common
access card (CAC) with user identification. When a user attempts to access the device
through the Web browser (HTTPS), the device retrieves the Web user's login username
(and other information, if required) from the CAC. The user attempting to access the device
is only required to provide the login password. Typically, a TLS connection is established
between the CAC and the device's Web interface, and a RADIUS server is implemented to
authenticate the password with the username. Therefore, this feature implements a two-
factor authentication - what the user has (i.e., the physical card) and what the user knows
(i.e., the login password).
This feature is enabled using the EnableMgmtTwoFactorAuthentication parameter.
Note: For specific integration requirements for implementing a third-party smart card
for Web login authentication, contact your AudioCodes representative.

To log in to the Web interface using CAC:
1. Insert the Common Access Card into the card reader.
2. Access the device using the following URL: https://<host name or IP address>; the
device prompts for a username and password.
3. Enter the password only. As some browsers require that the username be provided,
it's recommended to enter the username with an arbitrary value.
User's Manual 78
Mediant 3000
Document #: LTRT-89738