Configuration Guide User guide

FastIron Configuration Guide 1903
53-1002494-02
Web authentication options configuration
Configuring the re-authentication period
After a successful authentication, a user remains authenticated for a set period. At the end of
this period, the host is automatically logged off and the user must authenticate again. To set
the number of seconds a host remains authenticated before being logged off, enter a command
such as the following.
Brocade(config-vlan-10-webauth)#reauth-time 10
Syntax: [no] reauth-time <seconds>
You can specify 0 – 128000 seconds. The default is 28800 seconds. A value of 0 means the user is
always authenticated and never has to re-authenticate, unless an inactive period shorter than
the re-authentication period is configured on the Web Authentication VLAN. In that case, the
user is de-authenticated when there is no activity and the timer for the inactive period expires.
Defining the web authentication cycle
You can limit how many seconds users have to complete Web Authentication by defining a cycle
time. This time begins at a user's first Login attempt on the Login page. If the user has not been
authenticated successfully when this time expires, the user must enter a valid URL again to display
the Web Authentication Welcome page.
To define a cycle time, enter a command such as the following.
Brocade(config-vlan-10-webauth)#cycle time 20
Syntax: [no] cycle time <seconds>
Enter 0 – 3600 seconds, where 0 means there is no time limit. The default is 600 seconds.
Limiting the number of web authentication attempts
You can limit the number of times a user can enter an invalid user name and password during
the specified cycle time. If the user exceeds the limit, the user is blocked for the period
defined by the block duration command, and the Web browser is redirected to the
Exceeded Allowable Attempts web page.
To limit the number of Web Authentication attempts, enter a command such as the following.
Brocade(config-vlan-10-webauth)#attempt-max-num 4
Syntax: [no] attempt-max-num <number>
Enter a number from 0 to 64, where 0 means there is no limit to the number of Web Authentication
attempts. The default is 5.
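The ranges, defaults and zero values of the three commands above can be checked offline against a saved configuration. The following Python check is an added example, not part of the Brocade guide; the name audit_webauth, the stanza layout of the sample, and treating the no form as restoring the default are assumptions.

```python
import re
# (min, max, default, effect of 0) for each command, as stated in the guide
LIMITS = {
    "reauth-time": (0, 128000, 28800, "no periodic re-authentication"),
    "cycle time": (0, 3600, 600, "no time limit for completing login"),
    "attempt-max-num": (0, 64, 5, "unlimited invalid login attempts"),
}
CMD = re.compile(r"^\s*(no\s+)?(reauth-time|cycle time|attempt-max-num)(?:\s+(\S+))?\s*$")
VLAN = re.compile(r"^vlan\s+(\d+)\b")

def audit_webauth(config_text):
    """Return (effective settings per VLAN, findings) for the webauth limits."""
    settings, findings, vlan = {}, [], None
    for line in config_text.splitlines():
        if m := VLAN.match(line):
            vlan = int(m.group(1))
            settings[vlan] = {name: lim[2] for name, lim in LIMITS.items()}
            continue
        m = CMD.match(line)
        if not m or vlan is None:
            continue
        negated, name, arg = m.groups()
        lo, hi, default, _ = LIMITS[name]
        if negated:  # assumption: the "no" form restores the default
            settings[vlan][name] = default
        elif arg is None or not arg.isdigit() or not lo <= int(arg) <= hi:
            findings.append((vlan, name, f"value {arg} outside {lo}-{hi}"))
        else:
            settings[vlan][name] = int(arg)
    for vlan, cfg in settings.items():
        for name, value in cfg.items():
            if value == 0:  # 0 switches the limit off
                findings.append((vlan, name, LIMITS[name][3]))
    return settings, findings

# Constructed sample; the stanza layout is an assumption, not captured device output
SAMPLE = """\
vlan 10
 webauth
  reauth-time 0
  attempt-max-num 4
vlan 25
 webauth
  attempt-max-num 0
  cycle time 7200
"""

if __name__ == "__main__":
    print(*audit_webauth(SAMPLE)[1], sep="\n")
```

A reauth-time of 0 is reported even though an inactive period shorter than the re-authentication period can still de-authenticate idle hosts; confirm that setting separately.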
Clearing authenticated hosts from the web authentication table
Use the following commands to clear dynamically-authenticated hosts from the Web Authentication
table.
To clear all authenticated hosts in a Web authentication VLAN, enter a command such as the
following.
Brocade#clear webauth vlan 25 authenticated-mac