the switch considers an implicit logoff (default 300)
o 'reauth-period' sets the period of time after which connected
clients must be re-authenticated. When the timeout is set
to 0 the re-authentication is disabled (default 0).
o 'auth-vid' congures the VLAN to which to move a port
after successful authentication. RADIUS server can
override the value. Use 'no' form of the command to set
this PVID to 0. If the PVID is set to 0 no PVID changes
occur unless RADIUS server requests. Changes take effect
immediately. All clients must immediately re-authenticate.
The default is 0.
o 'unauth-vid' congures the VLAN to which to move a port
after failed authentication. Use 'no' form of the command
to set this PVID to 0. Changes take effect immediately.
The default is 0.
o 'reauthenticate' forces re-authentication
of all clients present on a port.
Next Available Options:
■ web-list1 -- Manage web authentication based network authentication on the device port(s).
([ethernet] PORT-LIST) (p. 57)
■ dhcp-addr -- Set the base address / mask for the temporary pool used by DHCP (base address
default is 192.168.0.0, mask default is 24 - 255.255.255.0). (IP-ADDR/MASK-LENGTH) (p. 33)
■ dhcp-lease < 5 to 25 > -- Set the lease length of the IP address issued by DHCP (default 10).
(NUMBER) (p. 33)
■ ewa-server -- IP address or hostname of the enhanced web authentication server on the device.
(p. 34)
web-list1
■ [no] aaa port-access web-based [ETHERNET] PORT-LIST
Manage web authentication based network authentication on the device port(s).
Next Available Options:
■ client-limit < 1 to 32 > -- Set the port's maximum number of authenticated clients (default 1).
(NUMBER) (p. 31)
■ client-moves -- Set whether the client can move between ports (default disabled - no moves).(p.
31)
■ ssl-login -- Set whether to enable SSL login (https on port 443) (default disabled).(p. 50)
■ redirect-url -- Set the URL that the user should be redirected to after successful login (default
none), Specify url up to 103 characters length.(p. 48)
■ max-retries < 1 to 10 > -- Set number of times a client can enter their credentials before
authentication is considered to have failed (default 3). (NUMBER) (p. 39)
■ logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch considers
an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
■ quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to authenticate
(default 60 seconds). (NUMBER) (p. 47)
■ server-timeout < 1 to 300 > -- Set the authentication server response timeout (default 30
seconds). (NUMBER) (p. 50)
57© 2009 Hewlett-Packard Development Company, L.P.
aaaCommand Line Interface Reference Guide
