D-Link DWS-1008 User Manual
SODA functionality on a switch is configured as follows:
1. Using SODA Manager, a network administrator creates a SODA agent based on the
security needs of the network.
2. The network administrator exports the SODA agent files from SODA Manager, and saves
them as a .zip file.
3. The SODA agent .zip file is uploaded to the switch using TFTP.
4. The SODA agent files are installed on the switch using a CLI command that extracts the
files from the .zip file and places them into a specified directory.
5. SODA functionality is enabled for an SSID that also has Web Portal WebAAA configured.
Once configured, SODA functionality works as follows:
1. A user connects to an AP managed by a service profile where SODA functionality is
enabled.
2. Since the Web Portal WebAAA feature is enabled for the SSID, a portal session is started
for the user, and the user is placed in the VLAN associated with the
web-portal-
ssid
or
web-portal-wired user.
3. The user opens a browser window and is redirected to a login page, where he or she
enters a username and password.
4. The user is redirected to a page called
index.html
, which exists in the SODA agent directory
on the switch.
5. The redirection to the
index.html
page causes the SODA agent files to be downloaded to
the user’s computer.
6. Once the SODA agent files have been downloaded, one of the following can take place:
a. If the switch is configured to enforce the SODA agent security checks (the default),
then the SODA agent checks are run on the user’s computer. If the user’s computer
passes the checks, then a customizable success page is loaded in the browser
window. The user is then moved from the portal VLAN to his or her configured
VLAN and granted access to the network.
b. If the switch is configured not to enforce the SODA agent security checks, then
the user is moved from the portal VLAN to his or her configured VLAN and
granted access to the network, without waiting for the SODA agent checks to be
completed.
c. If the user’s computer fails one of the SODA agent checks, then a customizable
failure page is loaded in the browser window. The user is then disconnected from
the network, or can optionally be granted limited network access, based on a
specified security ACL.
Summary of Contents for DWS-1008
Page 1: ......