HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 80
Overview, Web Authentication, Web and MAC Authentication, Feature, Default
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 80 highlights
Web and MAC Authentication Overview Overview Feature Configure Web Authentication Configure MAC Authentication Display Web Authentication Status and Configuration Display MAC Authentication Status and Configuration Default n/a n/a n/a n/a Menu - - - - CLI 3-20 3-50 3-28 3-54 Web - - - - Web and MAC authentication are designed for employment on the "edge" of a network to provide port-based security measures for protecting private networks and a switch from unauthorized access. Because neither method requires clients to run special supplicant software (unlike 802.1X authentication), both Web and MAC authentication are suitable for legacy systems and temporary access situations where introducing supplicant software is not an attractive option. Only a web browser (for Web authentication) or a MAC address (for MAC authentication) is required. Both Web and MAC authentication methods rely on a RADIUS server to authenticate network access. This simplifies access security management by allowing you to control access from a master database in a single server. (You can use up to three RADIUS servers to provide backups in case access to the primary server fails.) It also means the same credentials can be used for authentication, regardless of which switch or switch port is the current access point into the LAN. On a port configured for Web or MAC Authentication, the switch operates as a port-access authenticator using a RADIUS server and the CHAP protocol. Inbound traffic is processed by the switch alone, until authentication occurs. Some traffic from the switch to an unauthorized client is supported (for example, broadcast or unknown destination packets) before authentication occurs. Web Authentication The Web Authentication (Web-Auth) method uses a web page login to authenticate users for access to the network. When a client connects to the switch and opens a web browser, the switch automatically presents a login page. 3-3