Configuration Guide User guide
FastIron Configuration Guide 1891
53-1002494-02
Enabling and disabling web authentication
Brocade(config)# ip ssl private-key-file tftp <ip-addr> <key-filename>
• Generate one using the following global CLI command.
Brocade(config)#crypto-ssl certificate generate default_cert
5. Create a Web Authentication VLAN and enable Web Authentication on that VLAN.
Brocade(config)#vlan 10
Brocade(config-vlan-10)#webauth
Brocade(config-vlan-10-webauth)#enable
Once enabled, the CLI changes to the "webauth" configuration level. In the example above,
VLAN 10 will require hosts to be authenticated using Web Authentication before they can
forward traffic.
6. Configure the Web Authentication mode:
• Username and password – Blocks users from accessing the switch until they enter a valid
username and password on a web login page.
• Passcode – Blocks users from accessing the switch until they enter a valid passcode on a
web login page.
• None – Blocks users from accessing the switch until they press the ’Login’ button. A
username and password or passcode is not required.
Refer to “Web authentication mode configuration” on page 1892.
7. Configure other Web Authentication options (refer to “Web authentication options
configuration” on page 1901).
Enabling and disabling web authentication
Web Authentication is disabled by default. To enable it, enter the following commands.
Brocade(config)#vlan 10
Brocade(config-vlan-10)webauth
Brocade(config(config-vlan-10-webauth)#enable
The first command changes the CLI level to the VLAN configuration level. The second command
changes the configuration level to the Web Authentication VLAN level. The last command enables
Web Authentication. In the example above, VLAN 10 will require hosts to be authenticated using
Web Authentication before they can forward traffic.
Syntax: webauth
FastIron devices support a maximum of two Web Authentication VLANs.
Syntax: [no] enable
Enter the no enable command to disable Web Authentication.