10-16
Catalyst 2928 Switch Software Configuration Guide
OL-23389-01
Chapter 10 Configuring Web-Based Authentication
Configuring Web-Based Authentication
This example shows how to determine whether any connected hosts are in the AAA Down state:
Switch#
show ip admission cache
Authentication Proxy Cache
Client IP 209.165.201.11 Port 0, timeout 60, state ESTAB (
AAA Down
)
This example shows how to view detailed information about a particular session based on the host IP
address:
Switch#
show ip admission cache 209.165.201.11
Address : 209.165.201.11
MAC Address : 0000.0000.0000
Interface : Vlan333
Port : 3999
Timeout : 60
Age : 1
State :
AAA Down
AAA Down policy :
AAA_FAIL_POLICY
Configuring the Web-Based Authentication Parameters
You can configure the maximum number of failed login attempts before the client is placed in a watch
list for a waiting period.
This example shows how to set the maximum number of failed login attempts to 10:
Switch(config)#
ip admission max-login-attempts 10
Configuring a Web Authentication Local Banner
Beginning in privileged EXEC mode, follow these steps to configure a local banner on a switch that has
web authentication configured.
Command
Purpose
Step 1
ip admission max-login-attempts
number
Set the maximum number of failed login attempts. The
range is 1 to 2147483647 attempts. The default is 5.
Step 2
end
Returns to privileged EXEC mode.
Step 3
show ip admission configuration
Display the authentication proxy configuration.
Step 4
show ip admission cache
Display the list of authentication entries.
Step 5
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
ip admission auth-proxy-banner http
[
banner-text | file-path
]
Enable the local banner.
(Optional) Create a custom banner by entering
C banner-text C,
where
C
is a delimiting character or a file-path indicates a file (for example, a
logo or text file) that appears in the banner.