1322 PowerConnect B-Series FCX Configuration Guide
Configuring web authentication options
Instead of just entering a duration for how long the MAC address remains authenticated, you can
specify the MAC address to be added by the specified port that is a member of the VLAN. To do this,
enter values for the ethernet <port> duration <seconds> option. Enter the port number and the
number of seconds the MAC address remains authenticated.
Entering a no add mac <mac-address> duration <seconds> | ethernet <port> duration <seconds>
command sets duration and ethernet to their default values. If you want to remove a host, enter the
no add mac <mac-address> command.
If a MAC address is statically configured, this MAC address will not be allowed to be dynamically
configured on any port.
Configuring the re-authentication period
After a successful authentication, a user remains authenticated for a duration of time. At the end of
this duration, the host is automatically logged off. The user must be re-authenticated again. To set
the number of seconds a host remains authenticated before being logged off, enter a command
such as the following.
PowerConnect(config-vlan-10-webauth)#reauth-time 10
Syntax: [no] reauth-time <seconds>
You can specify 0 – 128000 seconds. The default is 28800 seconds, and 0 means the user is
always authenticated and will never have to re-authenticate, except if an inactive period less than
the re-authentication period is configured on the Web Authentication VLAN. If this is the case, the
user becomes de-authenticated if there is no activity and the timer for the inactive period expires.
Defining the web authentication cycle
You can set a limit as to how many seconds users have to be Web Authenticated by defining a cycle
time. This time begins at a user first Login attempt on the Login page. If the user has not been
authenticated successfully when this time expires, the user must enter a valid URL again to display
the Web Authentication Welcome page.
To define a cycle time, enter a command such as the following.
PowerConnect(config-vlan-10-webauth)#cycle time 20
Syntax: [no] cycle time <seconds>
Enter 0 – 3600 seconds, where 0 means there is no time limit. The default is 600 seconds
Limiting the number of web authentication attempts
You can set a limit on the number of times a user enters an invalid user name and password during
the specified cycle time. If the user exceeds the limit, the user is blocked for a duration of time,
which is defined by the block duration command. Also, the Web browser will be redirected to the
Exceeded Allowable Attempts webpage.
To limit the number of Web Authentication attempts, enter a command such as the following.
PowerConnect(config-vlan-10-webauth)#attempt-max-num 4
Syntax: [no] attempt-max-num <number>