D-Link DGS-3612G - xStack Switch Reference Manual page 425

To set JWAC for the Switch, complete the following fields:
Parameter
JWAC Global State
Forcible Logout
UDP Filtering
RADIUS Protocol
Redirect State
Redirect Destination
Redirect Delay Time
(0-10 sec)
Virtual IP
URL
HTTP(S) Port (1-
65535)
RADIUS
Authorization
Local Authorization
Quarantine Server
Monitor
®
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch
Description
JWAC Global Settings
Use this drop-down menu to either enable or disable JWAC on the Switch.
This parameter enables or disables JWAC Forcible Logout. When Forcible Logout is
Enabled, a Ping packet from an authenticated host to the JWAC Switch with TTL=1 will be
regarded as a logout request, and the host will move back to the unauthenticated state.
This parameter enables or disables JWAC UDP Filtering. When UDP Filtering is Enabled, all
UDP and ICMP packets except DHCP and DNS packets from unauthenticated hosts will be
dropped
This parameter specifies the RADIUS protocol used by JWAC to complete a RADIUS
authentication. The options include Local, EAP MD5, PAP, CHAP, MS CHAP, and MS
CHAPv2.
This parameter enables or disables JWAC Redirect. When the redirect quarantine server is
enabled, the unauthenticated host will be redirected to the quarantine server when it tries to
access a random URL. When the redirect JWAC login page is enabled, the unauthenticated
host will be redirected to the JWAC login page in the Switch to finish authentication. When
redirect is disabled, only access to the quarantine server and the JWAC login page from the
unauthenticated host are allowed, all other web access will be denied. NOTE: When enabling
redirect to the quarantine server, a quarantine server must be configured first.
This parameter specifies the destination before an unauthenticated host is redirected to either
the Quarantine Server or the JWAC Login Page.
This parameter specifies the Delay Time before an unauthenticated host is redirected to the
Quarantine Server or JWAC Login Page. Enter a value between 0 and 10 seconds. A value
of 0 indicates no delay in the redirect.
This parameter specifies the JWAC Virtual IP address that is used to accept authentication
requests from an unauthenticated host. Only requests sent to this IP will get a correct
response. NOTE: This IP does not respond to ARP requests or ICMP packets.
This parameter is used to set the URL of the virtual IP. Clients can use this FQDN URL to
access the JWAC login page instead of the real virtual IP.
This parameter specifies the TCP port number that the JWAC Switch listens to and uses to
finish the authentication process.
JWAC Authorization Network Settings
If Enabled, the authorized data assigned by the RADUIS server will be accepted when the
global authorization attributes are enabled. The default state is Enabled.
If Enabled, the authorized data assigned by the Local database will be accepted if the global
authorization attributes are enabled. The default state is Enabled.
Quarantine Server Settings
This parameter enables or disables the JWAC Quarantine Server Monitor. When Enabled,
the JWAC Switch will monitor the Quarantine Server to ensure the server is okay. If the
Switch detects no Quarantine Server, it will redirect all unauthenticated HTTP access
attempts to the JWAC Login Page forcibly if the Redirect is enabled and the Redirect
Destination is configured to be a Quarantine Server.
JWAC Settings
409