Displaying the Web Authentication configuration

Enter the show webauth command to display the configuration for Web Authentication. 

device# show webauth
=============================================================================
WEB AUTHENTICATION (VLAN 25): Enable
attempt-max-num: 5 (Default)
host-max-num: 0 (Default)
block duration: 90 (Default)
cycle-time: 600 (Default)
port-down-authenticated-mac-cleanup: Enable (Default)
reauth-time: 28800 (Default)
authenticated-mac-age-time: 3600 (Default)
dns-filter: Disable (Default)
authentication mode: username and password (Default)
  authentication methods: radius 
    Local user database name:  <none>
Radius accounting: Enable (Default)
Trusted port list:  None
Secure Login (HTTPS): Enable (Default)
Web Page Customizations:
  Top (Header): Default Text
  Bottom (Footer): Custom Text
         "SNL Copyright 2009"
  Title: Default Text
  Login Button: Custom Text
         "Sign On"
  Web Page Logo:  blogo.gif
    align: left (Default)
  Web Page Terms and Conditions: policy1.txt
Host statistics:
 Number of hosts dynamically authenticated: 0
 Number of hosts statically authenticated: 2
 Number of hosts dynamically blocked: 0
 Number of hosts statically blocked: 0
 Number of hosts authenticating: 1

The show webauth command displays the following information.

Table 43 Field description of the show webauth command output

Field

Description

WEB AUTHENTICATION (VLAN #)

Identifies the VLAN on which Web Authentication is enabled.

attempt-max-num

The maximum number of Web Authentication attempts during a cycle.

host-max-num

The maximum number of users that can be authenticated at one time.

block duration

The number of seconds a user who failed Web Authentication must wait before attempting to be authenticated.

cycle-time

The number of seconds in one Web Authentication cycle.

port-down-authenticated-mac-cleanup

Whether this option is enabled or disabled. If enabled, all authenticated users are de-authenticated if all the ports in the VLAN go down.

reauth-time

The number of seconds an authenticated user remains authenticated. Once this timer expires, the user must re-authenticate.

authenticated-mac-age-time

If a user is inactive, the number of seconds a user has before the user-associated MAC address is aged out. The user will be forced to re-authenticate.

dns-filter

Shows the definition of any DNS filter that has been set. (Refer to Filtering DNS queries.

authentication mode

The authentication mode:

  • username and password (default)
  • passcode
  • captive-portal
  • none

Also displays configuration details for the authentication mode.

RADIUS accounting

Whether RADIUS accounting is enabled or disabled.

Trusted port list

The statically configured trusted ports of the Web Authentication VLAN.

Secure login (HTTPS)

Whether HTTPS is enabled or disabled.

Web Page Customizations

The current configuration for the text that appears on the Web Authentication pages. Either "Custom Text" or "Default Text" displays for each page type:

  • "Custom Text" means the message for the page has been customized. The custom text is also displayed.
  • "Default Text" means the default message that ships with the FastIron switch is used.

The actual text on the Web Authentication pages can be displayed using the show webauth vlan <vlan-id> webpage command. Refer to Displaying text for Web Authentication pages.

Host statistics

The authentication status and the number of hosts in each state.

The show webauth command by itself displays information for all VLANs on which Web Authentication is enabled. The show webauth vlan vlan-id vlan-id command displays information for a specific VLAN.

Parent topic: Displaying Web Authentication information