Access Security Guide K/KA/KB.15.15

Forcing re-authentication of clients
Syntax:
[no] aaa port-access mac-based [e] port-list [reauthenticate]
Forces a re-authentication of all attached clients on the port.

Specifying the period to wait for a server response to an authentication request
Syntax:
[no] aaa port-access mac-based [e] port-list [server-timeout 1-300]
Specifies the period, in seconds, the switch waits for a server response to an
authentication request. Depending on the current max-requests value, the switch
sends a new attempt or ends the authentication session.
Default: 30 seconds

Specifying the VLAN to use when authentication fails
Syntax:
[no] aaa port-access mac-based [e] port-list [unauth-vid vid]
[no] aaa port-access mac-based [e] port-list [unauth-vid]
Specifies the VLAN to use for a client that fails authentication. If unauth-vid is
0, no VLAN changes occur. Use the no form of the command to set the unauth-vid
to 0.
Default: 0

Configuring custom messages for failed logins
This feature allows administrators to configure custom messages that are displayed when
authentication with the RADIUS server fails. The messages are appended to existing internal web
pages that display during the authentication process. Messages can be configured using the CLI,
or centrally using the RADIUS server, and can provide a description of the reason for a failure as
well as possible steps to take to resolve the authentication issue. There is no change to the current
web-based authentication functionality.
Syntax:
[no] aaa port-access web-based access-denied-message <<access-denied-str> | radius-response>
Specifies the text message (ASCII string) shown on the web page after an
unsuccessful login attempt. The message must be enclosed in quotes.
The [no] form of the command means that no message is displayed upon failure
to authenticate.
Default: The internal web page is used. No message will be displayed upon
authentication failure.
access-denied-str
The text message that is appended to the end of the web page when there is an unsuccessful
authentication request. The string can be up to 250 ASCII characters.
radius-response
Use the text message provided in the RADIUS server response to the authentication request.
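
The limits stated in the server-timeout, unauth-vid and access-denied-message descriptions above can be checked against a saved configuration before it is applied. The following is an added example, not part of the guide or of the switch software: the function names are hypothetical, and the ports, VLAN IDs and messages in the sample are constructed.

```python
import re

# Limits taken from the syntax descriptions on this page.
TIMEOUT_MIN, TIMEOUT_MAX = 1, 300   # server-timeout, in seconds
MAX_MESSAGE_LEN = 250               # access-denied-str, ASCII characters
# The optional "e" token before the port list follows the [e] in the syntax lines.
MAC_RE = re.compile(r"^aaa port-access mac-based (?:e )?(\S+) (server-timeout|unauth-vid) (\S+)$")
MSG_RE = re.compile(r"^aaa port-access web-based access-denied-message (.+)$")

def lint_line(line):
    """Return the findings for one configuration line (empty list if none)."""
    line, findings = line.strip(), []
    m = MAC_RE.match(line)
    if m:
        ports, keyword, value = m.groups()
        if not value.isdecimal():
            findings.append(f"{keyword} on port {ports}: {value!r} is not a number")
        elif keyword == "server-timeout":
            if not TIMEOUT_MIN <= int(value) <= TIMEOUT_MAX:
                findings.append(f"server-timeout on port {ports}: {value} is outside 1-300")
        elif int(value) == 0:
            findings.append(f"unauth-vid on port {ports}: 0 means no VLAN change on failure")
        return findings
    m = MSG_RE.match(line)
    if m and m.group(1) != "radius-response":
        arg = m.group(1)
        if len(arg) < 2 or arg[0] != '"' or arg[-1] != '"':
            findings.append("access-denied-message: string is not enclosed in quotes")
        elif not arg.isascii():
            findings.append("access-denied-message: string contains non-ASCII characters")
        elif len(arg) - 2 > MAX_MESSAGE_LEN:
            findings.append(f"access-denied-message: {len(arg) - 2} characters, limit is 250")
    return findings

def lint_config(text):
    """Map 1-based line numbers to findings for every line that has any."""
    return {n: f for n, line in enumerate(text.splitlines(), 1) if (f := lint_line(line))}

# Constructed sample configuration; ports, VLAN IDs and messages are made up.
SAMPLE = """\
aaa port-access mac-based 1-4 server-timeout 45
aaa port-access mac-based 5 server-timeout 600
aaa port-access mac-based e 6 unauth-vid 0
aaa port-access mac-based 7 unauth-vid 100
aaa port-access web-based access-denied-message "Login failed. Contact the help desk."
aaa port-access web-based access-denied-message Login failed
aaa port-access web-based access-denied-message radius-response
"""
```

Calling lint_config(SAMPLE) reports lines 2, 3 and 6 of the sample; lines it does not recognize are passed over without a finding.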