User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

341

342

343

344

345

346

347

348

349

350

Parameter

Description

default default-rap default-cap

OSPF using IPC.

NOTE: Note that the

Framed-IP-Address

attribute is assigned the

IP address as long as the

any server returns the

attribute. The Framed-IP-

Address value always has

a higher priority than the

local address pool.

User idle timeout

The user idle timeout

value for this profile. Spe-

cify the idle timeout value

for the client in seconds.

Valid range is 30-15300 in

multiples of 30 seconds.

Enabling this option over-

rides the global settings

configured in the AAA

timers. If this is disabled,

the global settings are

used.

disabled N/A N/A

PAN firewalls Integration Requires IP mapping at

Palo Alto Networks fire-

walls.

disabled disabled disabled

To edit the default VPN authentication profile:

1. Navigate to the Configuration > Advanced Services > All Profiles > VPN Authentication >

defaultpage.

2. In the Profiles list in the left window pane, select the default VPN Authentication Profile.

3. Click the Default Role drop-down list, and select the default user role for authenticated VPN users. (For

detailed information on creating and managing user roles and policies, see Roles and Policies on page 364.)

4. (Optional) If you use client certificates for user authentication, select the Check certificate common

name against AAA server checkbox to verify that the certificate's common name exists in the server.

This parameter is enabled by default in the default-cap and default-rap VPN profiles, and disabled by

default on all other VPN profiles.

5. (Optional) Set Max Authentication failures to an integer value. The default value is 0, which disables this

feature.

6. (Optional) Regardless of how an authentication server is contacted, the Export VPN IP address as a

route option causes any VPN client address to be exported to OSPF using IPC. Note that the Framed-IP-

Address attribute is assigned the IP address as long as any server returns the attribute. The Framed-IP-

Address value always has a higher priority than the local address pool.

7. (Optional) Enabling PAN firewalls Integration requires IPmapping at Palo Alto Networks firewalls. (For more

information about PAN firewall integration, see Palo Alto Networks Firewall Integration on page 620.)

8. Click Apply.

9. In the Default profile menu in the left window pane, select Server Group.

Dell Networking W-Series ArubaOS 6.4.x | User Guide Virtual Private Networks | 341