User's Manual
492 | Access Points (APs) Dell Networking W-Series ArubaOS 6.4.x| User Guide
l RADIUS Accounting Server Group
For details on configuring an AAA profile, see WLAN Authentication on page 421.
l XML API server profile: specifies the IP address of an external XML API server. For additional information,
see Configuring the XML API Server on page 1024.
l RFC 3576 server: Specifies the IP address of a RFC 3576 RADIUS server. For additional information, see
Configuring an RFC-3576 RADIUS Server on page 232.
l MAC Authentication profile: defines parameters for MAC address authentication, including upper- or
lower-case MAC string, the diameter format in the string, and the maximum number of authentication
failures before a user is blacklisted. For additional information, see Configuring the MAC Authentication
Profile on page 250.
l Captive Portal Authentication profile: this profile directs clients to a web page that requires them to
enter a username and password before being granted access to the network. This profile defines login wait
times, the URLs for login and welcome pages, and manages the default user role for authenticated captive
portal clients.
You can also set the maximum number of authentication failures allowed per user before that user is
blacklisted. This profile includes a reference to a Server group profile. For complete information on
configuring a Captive portal authentication profile, refer to Captive Portal Authentication on page 299.
l WISPr authentication profile: WISPr authentication allows a “smart client” to authenticate on the
network when they roam between Wireless Internet Service Providers, even if the wireless hotspot uses an
ISP for which the client may not have an account. For more information on configuring WISPr
authentication, see Configuring WISPr Authentication on page 289.
l 802.1X authentication profile: defines default user roles for machine or 802.1X authentication, and
parameters for 8021.X termination and failed authentication attempts. For a list of the basic parameters in
the 802.1X authentication profile, refer to 802.1X Authentication on page 253
l RADIUS server profile: identifies the IP address of a RADIUS server and sets RADIUS server parameters
such as authentication and accounting ports and the maximum allowed number of authentication retries.
For a list of the parameters in the RADIUS profile, refer to Configuring a RADIUS Server on page 226
l LDAP server profile: defines an external LDAP authentication server that processes requests from the
controller. This profile specifies the authentication and accounting ports used by the server, as well as
administrator passwords, filters and keys for server access. For a list of the parameters in the LDAP profile,
refer to Configuring an LDAP Server on page 232
l TACACS server profile: specifies the TCP port used by the server, the timeout period for a TACACS+
request, and the maximum number of allowed retries per user. For a list of the parameters in the TACACS
profile, refer to Configuring a TACACS+ Server on page 234
l Server group: Tthis profile manages groups of servers for specific types of authentication. Server Groups
identify individual authentication servers and let you create rules for clients based on attributes returned
for the client by the server during authentication. For additional information on configuring server rules, see
Configuring Server-Derivation Rules on page 242
l VPN Authentication profile: this profile identifies the default role for authenticated VPN clients and also
references a server group. It also provides a separate VPN AAA authentication for a terminating remote AP
(default-rap) and a campus AP (default-CAP). If you want to simultaneously deploy various combinations of
a VPN client, RAP-psk, RAP-certs and CAP on the same controller, see Table 58.
l Management Authentication profile: enables or disables management authentication, and identifies
the default role for authenticated management clients. This profile also references a server group. For more
information on configuring a management authentication profile, see Management Authentication Profile
Parameters on page 789.
l Wired Authentication profile: This profile merely references an AAA profile to be used for wired
authentication. See Securing Wired Clients on page 865.