DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual
183
Web Authentication
Web authentication, also known as Web-based Access Control, is another port based access control method
implemented similarily to the 802.1X port based access control method previously stated. This function will allow user
authentication through a RADIUS server or through the local authentication set on the Switch when a user is trying to
access the network via the switch, if the port connected to the user is enabled for this feature.
The user attempting to gain web access will be prompted for a username and password before being allowed to
accept HTTP packets from the Switch. When a client attempts to access a website, that port is placed in the
authentication VLAN set by the user. All clients in this authentication VLAN will be queried for authentication by the
local method or through a RADIUS server. Once accepted, the user will be placed in a target VLAN on the Switch
where it will have rights and privileges to openly access the Internet. If denied access, no packets will pass through to
the user and thus, that user will be returned to the authentication VLAN from where it came and the authentication
procedure will have to be reattempted by the user.
Once a client has been authenticated on a particular port, that port will be placed in the pre-configured VLAN and any
other clients on that port will be automatically authenticated to access the specified Redirection Path URL, as well as
the authenticated client.
Here is an example of the basic six step process all parties of the authentication go through for a successful Web-
based Access Control process.