Filter
Top Products
11-11
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 11 Configuring Web-Based Authentication
Configuring Web-Based Authentication
This example shows how to verify the configuration:
Switch# show ip admission configuration
Authentication Proxy Banner not configured
Authentication global cache time is 60 minutes
Authentication global absolute time is 0 minutes
Authentication global init state time is 2 minutes
Authentication Proxy Watch-list is disabled
Authentication Proxy Rule Configuration
Auth-proxy name webauth1
http list not specified inactivity-time 60 minutes
Authentication Proxy Auditing is disabled
Max Login attempts per user is 5
Configuring AAA Authentication
This example shows how to enable AAA:
Switch(config)# aaa new-model
Switch(config)# aaa authentication login default group tacacs+
Switch(config)# aaa authorization auth-proxy default group tacacs+
Configuring Switch-to-RADIUS-Server Communication
RADIUS security servers identification:
• Host name
• Host IP address
• Host name and specific UDP port numbers
• IP address and specific UDP port numbers
Command Purpose
Step 1
aaa new-model Enables AAA functionality.
Step 2
aaa authentication login default group {tacacs+ |
radius}
Defines the list of authentication methods at login.
Step 3
aaa authorization auth-proxy default group {tacacs+
| radius}
Create an authorization method list for web-based
authorization.
Step 4
tacacs-server host {hostname | ip_address} Specify an AAA server. For RADIUS servers, see the
“Configuring Switch-to-RADIUS-Server
Communication” section on page 11-11.
Step 5
tacacs-server key {key-data} Configure the authorization and encryption key used
between the switch and the TACACS server.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.