xStack
®
DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch
283
To set JWAC for the Switch, complete the following fields:
Parameter Description
JWAC Global State Settings
JWAC Global State
Use this drop-down menu to either enable or disable JWAC on the Switch.
JWAC Configuration
Forcible Logout
This parameter enables or disables JWAC Forcible Logout. When Forcible Logout is
Enabled, a Ping packet from an authenticated host to the JWAC Switch with TTL=1 will be
regarded as a logout request, and the host will move back to the unauthenticated state.
UDP Filtering
This parameter enables or disables JWAC UDP Filtering. When UDP Filtering is Enabled, all
UDP and ICMP packets except DHCP and DNS packets from unauthenticated hosts will be
dropped
RADIUS Protocol
This parameter specifies the RADIUS protocol used by JWAC to complete a RADIUS
authentication. The options include Local, EAP MD5, PAP, CHAP, MS CHAP, and MS
CHAPv2.
Authentication
FailOver
When Authentication FailOver is Disabled, if the RADIUS servers are unreachable, the
authentication will fail. When the authentication FailOver is Enabled, if the RADIUS servers
are unreachable, the local database will be used to do the authentication. Authentication
FailOver is Disabled by default.
Redirect
This parameter enables or disables JWAC Redirect. When the redirect quarantine server is
enabled, the unauthenticated host will be redirected to the quarantine server when it tries to
access a random URL. When the redirect JWAC login page is enabled, the unauthenticated
host will be redirected to the JWAC login page in the Switch to finish authentication. When
redirect is disabled, only access to the quarantine server and the JWAC login page from the
unauthenticated host are allowed, all other web access will be denied. NOTE: When enabling
redirect to the quarantine server, a quarantine server must be configured first.
Redirect Destination
This parameter specifies the destination before an unauthenticated host is redirected to either
the Quarantine Server or the JWAC Login Page.
Redirect Delay Time
(0-10)
This parameter specifies the Delay Time before an unauthenticated host is redirected to the
Quarantine Server or JWAC Login Page. Enter a value between 0 and 10 seconds. A value
of 0 indicates no delay in the redirect.
Virtual IP
This parameter specifies the JWAC Virtual IP address that is used to accept authentication
requests from an unauthenticated host. Only requests sent to this IP will get a correct
response. NOTE: This IP does not respond to ARP requests or ICMP packets.
HTTPs Ports (1-
65535)
This parameter specifies the TCP port that the JWAC Switch listens to and uses to finish the
authentication process.
JWAC Authorization Network Configuration
RADIUS
Authorization
If Enabled, the authorized data assigned by the RADUIS server will be accepted when the
global authorization network is enabled. The default state is Enabled.
Local Authorization
If Enabled, the authorized data assigned by the Local database will be accepted if the global
authorization network is enabled. The default state is Enabled.
Quarantine Server Configuration
Quarantine Server
Monitor
This parameter enables or disables the JWAC Quarantine Server Monitor. When Enabled,
the JWAC Switch will monitor the Quarantine Server to ensure the server is okay. If the
Switch detects no Quarantine Server, it will redirect all unauthenticated HTTP access
To Next Page
Loading...
Need help?
General