1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. TrustSec
  6. Configuration manual

Web Authentication Proxy Configuration; Verifying Web Authentication Proxy Configuration - Cisco TrustSec Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Web Authentication Proxy Configuration

Web Authentication Proxy Configuration
Web Authentication Proxy (WebAuth) allows the user to use a web browser to transmit their login
credentials to the Cisco Secure ACS though a Cisco IOS web server on the access device. WebAuth can
be enabled independently. It does not require 802.1X or MAB to be configured.
The following example is a basic WebAuth configuration on a Gigabit Ethernet port:
switch(config)# ip http server
switch(config)# ip access-list extended POLICY
switch(config-ext-nacl)# permit udp any any eq bootps
switch(config-ext-nacl)# permit udp any any eq domain
switch(config)# ip admission name HTTP proxy http
switch(config)# fallback profile FALLBACK_PROFILE
switch(config-fallback-profile)# ip access-group POLICY in
switch(config-fallback-profile)# ip admission HTTP
switch(config)# interface GigabitEthernet2/1
switch(config-if)# authentication port-control auto
switch(config-if)# authentication fallback FALLBACK_PROFILE6500(config-if)#ip access-group
POLICY in
For additional information on configuring web-based authentication, see the configuration guide for
your access switch.
For additional information on the ip http server command, see the Cisco IOS Network Management
Command Reference entry at the at the following URL:
http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_08.html#wp1022387

Verifying Web Authentication Proxy Configuration

To verify the Web Authentication Proxy configuration, access the interface IP address with a web
browser. If configured correctly, the access device generates a challenge and accepts valid login
information.
To verify the Web Authentication proxy configuration with the CLI, use the show authentication
interface command.
switch# show authentication interface gigabitEthernet 2/1
Client list:
Interface
Gi2/1
Available methods list:
Handle
Runnable methods list:
Handle
Cisco TrustSec Configuration Guide
6-4
MAC Address
000c.293a.048e
Priority
Name
1
2
webauth
Priority
Name
1
0
webauth
Domain
Status
DATA
Authz Success
Chapter 6
Configuring Endpoint Admission Control
Session ID
AC1AD01F0000000904BBECD8
OL-22192-01
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco TrustSec

Related Content for Cisco TrustSec

Table of Contents