xStack DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch
241
To set the Web Authentication for the Switch, complete the following fields:
Parameter Description
JWAC Global State Settings
JWAC Global State
Use this drop-down menu to either enable or disable JWAC on the Switch.
JWAC Configuration
Forcible Logout
This parameter enables or disables JWAC Forcible Logout. When Forcible Logout is
Enabled, a Ping packet from an authenticated host to the JWAC Switch with TTL=1 will be
regarded as a logout request, and the host will move back to the unauthenticated state.
UDP Filtering
This parameter enables or disables JWAC UDP Filtering. When UDP Filtering is Enabled, all
UDP and ICMP packets except DHCP and DNS packets from unauthenticated hosts will be
dropped
RADIUS Protocol
This parameter specifies the RADIUS protocol used by JWAC to complete a RADIUS
authentication. The options include Local, EAP MD5, PAP, CHAP, MS CHAP, and MS
CHAPv2.
Redirect
This parameter enables or disables JWAC Redirect. When the redirect quarantine server is
enabled, the unauthenticated host will be redirected to the quarantine server when it tries to
access a random URL. When the redirect JWAC login page is enabled, the unauthenticated
host will be redirected to the JWAC login page in the Switch to finish authentication. When
redirect is disabled, only access to the quarantine server and the JWAC login page from the
unauthenticated host are allowed, all other web access will be denied. NOTE: When enabling
redirect to the quarantine server, a quarantine server must be configured first.
Redirect Destination
This parameter specifies the destination before an unauthenticated host is redirected to
either the Quarantine Server or the JWAC Login Page.
Redirect Delay Time
(0-10)
This parameter specifies the Delay Time before an unauthenticated host is redirected to the
Quarantine Server or JWAC Login Page. Enter a value between 0 and 10 seconds. A value
of 0 indicates no delay in the redirect.
Virtual IP
This parameter specifies the JWAC Virtual IP address that is used to accept authentication
requests from an unauthenticated host. Only requests sent to this IP will get a correct
response. NOTE: This IP does not respond to ARP requests or ICMP packets.
HTTPs Ports (1-
65535)
This parameter specifies the TCP port that the JWAC Switch listens to and uses to finish the
authentication process.
Quarantine Server Configuration
Quarantine Server
Monitor
This parameter enables or disables the JWAC Quarantine Server Monitor. When Enabled,
the JWAC Switch will monitor the Quarantine Server to ensure the server is okay. If the
Switch detects no Quarantine Server, it will redirect all unauthenticated HTTP access
attempts to the JWAC Login Page forcibly if the Redirect is enabled and the Redirect
Destination is configured to be a Quarantine Server.
Error Timeout (5-
300)
This parameter is used to set the Quarantine Server Error Timeout. When the Quarantine
Server Monitor is enabled, the JWAC Switch will periodically check if the Quarantine works
okay. If the Switch does not receive any response from the Quarantine Server during the
configured Error Timeout, the Switch then regards it as not working properly. Enter a value
between 5 and 300 seconds.
Quarantine Server
URL
This parameter specifies the JWAC Quarantine Server URL. If the Redirect is enabled and
the Redirect Destination is the Quarantine Server, when an unauthenticated host sends the
HTTP request packets to a random Web server, the Switch will handle this HTTP packet and
send back a message to the host to allow it access to the Quarantine Server with the
To Next Page
Loading...
