Configuration Guide User guide
1898 FastIron Configuration Guide
53-1002494-02
Web authentication mode configuration
NOTE
Passcodes are not stateful, meaning a software reset or reload will cause the system to erase the
passcode. When the FastIron switch comes back up, a new passcode will be generated.
Changing the passcode refresh duration
To change the duration of time after which passcodes are refreshed, enter commands such as the
following.
Brocade(config-vlan-10-webauth)#auth-mode passcode refresh-type duration 4320
The passcode will be refreshed after 4320 minutes (72 hours).
Syntax: auth-mode passcode refresh-type duration <value>
For <value>, enter a number from 5 to 9999 minutes. The default is 1440 minutes (24 hours).
Refreshing passcodes at a certain time of the day
You can configure the FastIron switch to refresh passcodes at a certain time of day, up to 24 times
each day, instead of after a duration of time. When this feature is enabled, by default passcodes
will be refreshed at 00:00 (12 midnight).
To configure the switch to refresh passcodes at a certain time of day, enter commands such as the
following.
Brocade(config-vlan-10-webauth)#auth-mode passcode refresh-type time 6:00
Brocade(config-vlan-10-webauth)#auth-mode passcode refresh-type time 14:30
The passcode will be refreshed at 6:00am, 2:30pm, and 0:00 (12 midnight).
Syntax: [no] auth-mode passcode refresh-type time <hh:mm>.
<hh:mm> is the hour and minutes. If you do not enter a value for <hh:mm>, by default, passcodes
will be refreshed at 00:00 (12:00 midnight). You can configure up to 24 refresh times. Each must
be at least five minutes apart.
Enter the no form of the command to remove the passcode refresh time of day.
Resetting the passcode refresh time of day configuration
If the FastIron switch is configured to refresh passcodes several times during the day (time of day
configuration), you can use the following comand to delete all of the configured times and revert
back to the default time of 00:00 (12 midnight).
Brocade(config-vlan-10-webauth)#auth-mode passcode refresh-type time delete-all
Syntax: auth-mode passcode refresh-type time delete-all
Configuring a grace period for an expired passcode
You can optionally configure a grace period for an expired passcode. The grace period is the period
of time that a passcode will remain valid, even after a new passcode is generated. For example, if
a five minute grace period is set and the passcode 1234 is refreshed to 5678, both passcodes will
be valid for five minutes, after which the 1234 passcode will expire and the 5678 passcode will
remain in effect.
To configure the grace period for an expired passcode, enter a command such as the following.