Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
101102103104105106107108109110
looped back to an edge port will not be processed because they have a different
broadcast/multicast MAC address from the client-authenticated MAC address. To ensure that
client-authenticated edge ports get blocked when loops occur, you should enable loop protection
on those ports. See "Multiple Instance Spanning-Tree Operation" in the Advanced Traffic
Management Guide for your switch.
Because enhanced web-based authentication is configured per switch, each web-based
authentication enabled port displays the customized web pages you prepare for client login.
The use of customized web pages is enabled after you configure the valid IP address or host
name of an EWA server.
Customizing HTML templates
When you customize an HTML template, follow these guidelines:
Do not change the name of each HTML file (index.html, accept.html, and so on).
Some template pages use Embedded Switch Includes (ESIs) or Active Server Pages. These
should not be modified when customizing HTML files. ESIs behave as follows:
1. A client’s web browser sends a request for an HTML file. The switch passes the request
to a configured web server.
2. The web server responds by sending a customized HTML page to the switch. Each ESI
call in the HTML page is replaced with the value (in plain text) retrieved by the call.
3. The switch sends the final version of the HTML page to the client’s web browser.
Store all customized login web pages (including any graphics) that you create for client login
on each web server at the path you will configure with the aaa port-access web-based
ewa-server command.
Customizable HTML templates
The sample HTML files discribed in the following sections are customizable templates. To help you
create your own set HTML files, a set of the templates can be found on the download page for “K”
software.
Filename: index.html
The index.html file is the first login page displayed, in which a client requesting access to the
network enters a username and password. In the index.html template file, you can customize
any part of the source code except for the form that processes the username and password entered
by a client.
104 Web-based and MAC authentication