The following table describes the fields in the display:

Field

Description

ssid-name

Service set identifier (SSID) managed by this service profile.

 

 

 

SSID type:

ssid-type

crypto—Wireless traffic for the SSID is encrypted.

 

clear—Wireless traffic for the SSID is unencrypted.

 

 

 

Indicates whether the radio sends beacons, to advertise the SSID:

Beacon

• no

 

• yes

 

 

Proxy ARP

Indicates whether proxy ARP is enabled. When this feature is enabled, MSS

answers ARP requests on behalf of wireless clients.

 

 

 

 

Indicates whether DHCP Restrict is enabled. When this feature is enabled,

DHCP restrict

MSS allows only DHCP traffic for a new client until the client has successfully

 

completed authentication and authorization.

 

 

 

Indicates whether broadcast restriction is enabled. When this feature is enabled,

No broadcast

MSS sends ARP requests and DHCP Offers and Acks as unicasts to their target

 

clients instead of forwarding them as broadcasts.

 

 

Short retry limit

Number of times a radio serving the service-profile’s SSID can send a short

unicast frame without receiving an acknowledgment.

 

 

 

 

Number of times a radio serving the service-profile’s SSID can send a long

Long retry limit

unicast frame without receiving an acknowledgment. A long unicast frame is a

 

frame that is equal to or longer than the RTS threshold.

 

 

 

Secondary (fallthru) encryption type when a user tries to authenticate but the

 

DWL-1008 switch managing the radio does not have an authentication rule with

 

a userglob that matches the username.

Auth fallthru

last-resort—Automatically authenticates the user and allows access to the

 

 

SSID requested by the user, without requiring a username and password.

 

none—Denies authentication and prohibits the user from accessing the SSID.

 

web-portal—Redirects the user to a web page for login to the SSID.

 

 

Sygate On-Demand

Whether SODA functionality is enabled for the service profile. When SODA

functionality is enabled, connecting clients download SODA agent files, which

(SODA)

perform security checks on the client.

 

 

 

 

Whether a client is allowed access to the network after it has downloaded and

 

run the SODA agent security checks. When SODA functionality is enabled,

Enforce SODA checks

and the DWS-1008 is configured to enforce SODA checks, then a connecting

 

client must download the SODA agent files and pass the checks in order to gain

 

access to the network.

 

 

 

The name of the ACL to be applied to the client if it fails the SODA agent checks.

SODA remediation ACL

If no remediation ACL is specified, then a client is disconnected from the network

 

if it fails the SODA agent checks.

 

 

Custom success

The name of the user-specified page that the client loads upon successful

completion of the SODA agent checks. If no page is specified, then the success

web-page

page is generated dynamically.

 

 

 

Custom failure web-page

The name of the user-specified page that the client loads if it fails SODA agent

checks. If no page is specified, then the failure page is generated dynamically.

 

 

 

D-Link DWS-1008 CLI Manual

425

Page 428
Image 428
D-Link dws-1008 manual Link DWS-1008 CLI Manual 425, Soda