Mac-Based Authentication - Extreme Networks ExtremeWare XOS Guide Manual
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (698 pages) ,
- Manual (256 pages)
Table of Contents
Advertisement
To configure the network login redirect page, use the following command:
configure netlogin redirect-page <url>
Where
defines the redirection information for the users once logged in. This redirection
<url>
information is used only in case the redirection info is missing from RADIUS server. For example,
configure netlogin base-url http://www.extremenetworks.com
after they get logged in.
To enable or disable the network login session refresh, use one of the following commands:
enable netlogin session-refresh {<minutes>}
disable netlogin session-refresh
Where
ranges from 1 - 255. The default setting is 3 minutes.
<minutes>
makes the logout window refresh itself at every configured time interval.
refresh
is disabled by default. When you configure the Network Login session refresh for the logout window
on a BlackDiamond, ensure that the FDB aging timer is greater than the Network Login session refresh
timer.
To enable or disable network login logout privilege, use one of the following commands:
enable netlogin logout-privilege
disable netlogin logout-privilege
This command turns the privilege for netlogin users to logout by popping up (or not popping up) the
logout window.
Logout-privilege
To enable or disable network login, use one of the following commands:
enable netlogin [{dot1x} {mac} {web-based}]
disable netlogin [{dot1x} {mac} {web-based}]
By default netlogin is disabled.
To show all network login parameters, use the following command:
show netlogin {port <portlist> vlan <vlan name>} {dot1x {detail}} {mac} {web-based}
MAC-Based Authentication
This method is used for supplicants that do not support a network login mode, or supplicants that are
not aware of the existence of such security measure, for example an IP phone.
If a MAC address is detected on a MAC-Based enabled NetLogin port, an authentication request will be
sent once to the AAA application. AAA tries to authenticate the MAC address against the configured
radius server and it's configured parameters (timeout, retries, etc.).
The credentials used for this are the supplicants MAC address in ASCII representation, and a locally
configured password on the switch. If no password is configured, the MAC address is used as the
password. You can also group MAC addresses together using a mask.
If no match if found in the table of MAC entries, and a default entry exists, the default will be used to
authenticate the client. All entries in the list are automatically sorted in longest prefix order. All
passwords are stored and showed encrypted.
ExtremeWare XOS 11.1 Concepts Guide
is enabled by default.
Network Login
redirects all users to this URL
enable netlogin session-
Session -refresh
237
Advertisement
Table of Contents
