set service-profile auth-fallthru 297
■ web-auth — Serves the user a web page from the WX switch’s
nonvolatile storage for login to the SSID.
Defaults — The default fallthru authentication type is web-auth.
If a username does not match a userglob in an authentication rule for the
SSID requested by the user, the WX switch that is managing the radio the
user is connected to redirects the user to a web page located on the WX
switch. The user must type a valid username and password on the web
page to access the SSID.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — The last-resort fallthru authentication type allows any user to
access any SSID managed by the service profile. This method does not
require the user to provide a username or password. Use the last-resort
method only if none of the SSIDs managed by the service profile require
secure access.
The web-auth authentication type also requires the following
configuration items:
■ Web AAA must be enabled (set web-auth enable command)
■ Web page on the WX switch containing the radio the user is on while
attempting to access the SSID. The web page is called wba_form.html.
If the WX switch contains a subdirectory named after the SSID the
user is requesting and that subdirectory contains a wba_form.html
page, that page is served to the user. Otherwise, the wba_form.html
page in the top-level directory is served.
■ Authentication rule for the userglob that matches the username (set
authentication web command)
■ Username and password configured in the local database (set user
command) or on a RADIUS server
Examples — The following command sets the fallthru authentication for
SSIDS managed by the service profile rnd_lab to none:
WX4400# set service-profile rnd_lab auth-fallthru none
success: change accepted.
