Configuring Local Database Authentication - Extreme Networks ExtremeWare XOS Guide Manual

If you do not specify a URL, the network login infrastructure uses the default redirect page URL,
●
http://www.extremenetworks.com
command.
redirect-page
VSA 204 applies only to the web-based authentication mode of Network Login.
VSA 204 Example. The following example modifies the VSA to specify the destination URL after
successful authentication. To configure the redirect URL as http://www.myhomepage.com, do the
following:
Extreme: Netlogin-URL = http://www.myhomepage.com
VSA 205—Extreme: Netlogin-URL-Desc. The following describes the guidelines for VSA 205:
To include a description of the redirect page URL (as specified by VSA 204), use an ASCII string.
●
To let the user know where they will be redirected to after authentication, use an ASCII string to
●
provide a brief description of the URL.
VSA 205 applies only to the web-based authentication mode of Network Login.
VSA 205 Example. The following example modifies the VSA to describe the network login URL. To
describe the network login URL as my home page, do the following:
Extreme: Netlogin-URL-Desc = homepage
VSA 206—Extreme: Netlogin-Only. The following describes the guidelines for VSA 206:
To specify that a user can authenticate only via network login, use a value of "1" (enabled).
●
To specify that a user can authenticate via other methods, use a value of "0" (disabled).
●
VSA 206 Example. See the examples described in the section
Server" on page 351.

Configuring Local Database Authentication

You can configure the switch to use its local database for web-based and MAC-based network login
authentication. 802.1x network login does not support local database authentication. Local
authentication essentially mimics the functionality of the remote RADIUS server locally. This method of
authentication is useful in the following situations:
If both the primary and secondary (if configured) RADIUS servers timeout or are unable to respond
●
to authentication requests.
If no RADIUS servers are configured.
●
If the RADIUS server used for network login authentication is disabled.
●
If any of the above conditions are met, the switch checks for a local user account and attempts to
authenticate against that local account.
For local authentication to occur, you must configure the switch's local database with a user name and
password for network login. Beginning with ExtremeWare XOS 11.3 you can also specify the destination
VLAN to enter upon a successful authentication. The following sections describe the commands used to
configure your switch for local database authentication.
If you have a BlackDiamond 8800 family switch or a Summit X450 switch, you can also use local
database authentication in conjunction with netlogin MAC-based VLANs. For more detailed
ExtremeWare XOS 11.3 Concepts Guide
, or the URL that you configured using the
Authenticating Users
configure netlogin
"Creating User Accounts on the RADIUS
355