Web-Based Authentication questions

Unanswered Question
Feb 29th, 2012
User Badges:

Hi,


I want to configure a 3750 switch with Web-Based Authentication feature (so it's wired connections, not wireless).


My tests are doing well but I have some questions.


My setup : unmanaged switch connected to a 3750 interface. The 3750 is obviously doing the webauth. All devices are connected to the unmanaged switch. So in a way, all devices are using the same 3750 interface.


1- Is there a way to have a "bypass" list ? I have 2 desktop always connected and other devices will be laptop. I want desktop computers to not use

Web-Based Authentication, only laptop. So is there a way to bypass webauth for this machines (by mac address or something like this) ?


2- In my test lab, I'm able to use local auth without problem but when I'm trying with radius, I can't get it to work. Note that my radius server is working because I authenticating through it for my SSH access to the switch.


My working config :


aaa new-model

aaa group server radius rsa

server IP_ADDRESS auth-port 1812 acct-port 1813

!

aaa authentication login default local

aaa authentication login rsalogin group rsa local

aaa authorization exec default local

aaa authorization exec rsalogin group rsa local

aaa authorization auth-proxy default local



I'm switching to last line to this to use my radius :

aaa authorization auth-proxy default group rsa local


What am I missing ? Does the radius server must send something ? Is there a command I'm missing ?


the rest of my web auth config :


ip device tracking

ip admission name wa proxy http


interface GigabitEthernet1/0/48

switchport access vlan 2

switchport mode access

ip admission wa



Thank you and sorry for my english

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion