User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

251

252

253

254

255

256

257

258

259

260

Parameter Description

(This parameter is applicable when 802.1X authentication is terminated on the

controller, also known as AAA FastConnect.) The allowed range of values for this

parameter is 0-3 failures, and the default value is 0.

Dynamic WEP Key

Message Retry Count

Set the Number of times WPA/WPA2 Key Messages are retried.

Range: 1-5 retries.

Default: 3 retries.

Dynamic WEP Key Size The default dynamic WEP key size is 128 bits, If desired, you can change this

parameter to 40 bits.

Interval between

WPA/WPA2 Key

Messages

Interval, in milliseconds, between each WPA key exchanges.

Range: 1000-5000 ms.

Default: 1000 ms.

Delay between EAP-

Success and WPA2

Unicast Key Exchange

Interval, in milliseconds, between EAP-Success and unicast key exchanges.

Range: 0-2000 ms.

Default: 0 ms (no delay).

Delay between

WPA/WPA2 Unicast Key

and Group Key

Exchange

Interval, in milliseconds, between unicast and multicast key exchange. Time

interval in milliseconds.

Range: 0-2000.

Default: 0 (no delay).

Time interval after

which the PMKSA will be

deleted

The time interval after which the PMKSA (Pairwise Master Key Security

Association) cache is deleted. Time interval in Hours.

Range: 1-2000.

Default: 8.

WPA/WPA2 Key

Message Retry Count

Number of times WPA/WPA2 key messages are retried.

Range: 1-5 retries.

Default: 3 retries.

Multicast Key Rotation Select this checkbox to enable multicast key rotation. This feature is disabled by

default.

Unicast Key Rotation Select this checkbox to enable unicast key rotation. This feature is disabled by

default.

Opportunistic Key

Caching

By default, the 802.1X authentication profile enables a cached pairwise master

key (PMK) which is derived through a client and an associated AP. This key is used

when the client roams to a new AP. This allows clients faster roaming without a

full 802.1x authentication. Uncheck this option to disable this feature.

NOTE: Make sure that the wireless client (the 802.1X supplicant) supports this

feature. If the client does not support this feature, the client will attempt to

renegotiate the key whenever it roams to a new AP. As a result, the key cached on

the controller can be out of sync with the client's key.

Validate PMKID This parameter instructs the controller to check the pairwise master key (PMK) ID

sent by the client. When you enable this option, the client must send a PMKID in

the associate or reassociate frame to indicate that it supports OKC or PMK

caching; otherwise, full 802.1x authentication takes place.

NOTE: This feature is optional, since most clients that support OKC and PMK

caching do not send the PMKID in their association request.

Table 47: 802.1x Authentication Profile Basic WebUI Parameters

Dell Networking W-Series ArubaOS 6.4.x | User Guide 802.1X Authentication | 259