Hi, I'm using catalyst 3750s and cisco acs 4.1 to authenticate clients but I need help. The docs tell how to configure basic web auth on ports but I need more details as I'm very new to this. For example, do I need an external webserver to serve the login page? Does anyone have an example of a login page code/script to share? How do I configure the web redirection?
You don't need an external webserver and you don't need to configure redirection. When you configure web auth, the 3750 itself acts as a webserver and presents a default login page to the end user to enter his/her credentials.
Ok, I may not have explained myself properly. This is required to give clients Internet Access but only if they authenticate first against a radius server (The ACS) Not all clients will have 802.1x clients so I am considering the web authentication method. So when a client connects his laptop to the switch via ethernet he gets an IP Address via DHCP but then needs to authenticate against a radius server before he can get access to the Internet.
I have configured as to the directions in the documentation. I am getting the IP Address via DHCP but when I launch a browser nothing happens (I am of the opinion that I should get some default login page) The only login page I get is if I point my browser to the switch IP Address but this only grants me access to the switch itself. This is my config:
aaa authentication login default local group radius
aaa authorization network default local group radius
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...