Wac Global Settings - D-Link xStack DGS-3200-10 User Manual

xStack
Conditions and Limitations
1. If the client is utilizing DHCP to attain an IP address, the authentication VLAN must provide a DHCP server or a DHCP
relay function so that client may obtain an IP address.
2. Certain functions exist on the Switch that will filter HTTP packets, such as the Access Profile function. The user needs to
be very careful wh en settin g filter functions fo r th e targ et VLAN, so that th ese HTTP p ackets are no t denied by t he
Switch.
3. If a RADIUS serv er is to be used for authentication, the user must first establish a RADIUS Serv er with the appropriate
parameters, including the target VLAN, before enabling Web Authentication on the Switch.

WAC Global Settings

Users can configure the Switch for Web authentication.
To view the following window, click Security > Web-based Access Control (WAC) > WAC Global Settings:
To set the Web Authentication for the Switch, complete the following fields:
Parameter
WAC State
Virtual IP
HTTP(s) Port
(1-65535)
Method
Authentication
Failover
®
DGS-3200 Series Layer 2 Gigabit Ethernet Managed Switch
Figure 5 - 48. WAC Global Settings window
Description
Use the radio buttons to either enable or disable Web-based Access Control on the Switch.
Click the adjacent Apply button to set the desired WAC State.
Enter a virtual IP address. This address is only used by WAC and is not known by any other
modules of the Switch.
Enter a HTTP port number. Port 80 is the default.
Use this drop-down menu to choose the authenticator for Web-based Access Control. The
user may choose:
Local – Choose this parameter to use the local authentication method of the Switch as the
authenticating method for users trying to access the network via the switch. This is, in fact,
the username and password to access the Switch configured using the WAC User Settings
window (Security > Web-based Access Control (WAC) > WAC User Settings) seen
below.
RADIUS – Choose this parameter to use a remote RADIUS server as the authenticating
method for users trying to access the network via the switch. This RADIUS server must have
already been pre-assigned by the administrator using the Authentic RADIUS Server window
(Security > 802.1X > Authentic RADIUS Server).
Toggle between Enabled and Disabled. This is used to configure WAC authentication
failover. By default, the authentication failover is Disabled. If RADIUS servers are
unreachable, the authentication will fail. When the authentication failover is Enabled, if
RADIUS server authentication is unreachable, the local database will be used to do the
authentication.
166