95
Enhancements
Release L.11.08 Enhancements
■
Web:
Enables RADIUS authentication for web browser interface access to the switch.
You can configure
radius
as the primary password authentication method for the above access
methods. You also need to select either
local
,
none, or authorized
as a secondary, or backup, method.
C a u t i o n
Configuring
authorized
as the secondary authentication method used when there is a failure accessing
the RADIUS servers allows clients to access the network unconditionally. Use this method with care.
You can configure
local
,
chap-radius
or
eap-radius
as the primary password authentication method
for the port-access method. You also need to select
none or authorized
as a secondary, or backup,
method.
You can configure
chap-radius
as the primary password authentication method for web-based or mac-
based port-access methods. You also need to select
none or authorized
as a secondary, or backup,
method.
Syntax:
aaa authentication < console | telnet | ssh | web >
< enable | login >
radius
Configures RADIUS as the primary password authentication method for console, Telnet,
SSH, and the web browser interface. (The default primary
< enable | login >
authentica-
tion is
local
.)
[< local | none | authorized >]
Provides options for secondary authentication (default:
none
).
Syntax:
aaa authentication port-access <chap-radius |eap-radius | local>
Configures
local
,
chap-radius
, or
eap-radius
as the primary password authentication
method for port-access. The default primary authentication is
local
.
[<none | authorized >]
Provides options for secondary authentication. The
none
option specifies
that a backup authentication method is not used. The
authorized
option
allows access without authentication. (default:
none
).
Syntax:
aaa authentication <mac-based | web-based> chap-radius
Configures
chap-radius
as the primary password authentication method for mac-based
or web-based port access.
[<none | authorized >]
Provides options for secondary authentication. The
none
option specifies
that a backup authentication method is not used. The
authorized
option
allows access without authentication. (default:
none
).