Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-3200

331

332

333

334

335

336

337

338

339

340

Parameter Description

xSec MTU Set the maximum transmission unit (MTU) for frames using the xSec protocol.

Range: 1024-1500 bytes.

Default: 1300 bytes.

Token Caching If you select EAP-GTC as the inner EAP method, you can select the Token

Caching checkbox to enable the controller to cache the username and password

of each authenticated user. The controller continues to reauthenticate users

with the remote authentication server. However, if the authentication server is

unavailable, the controller will inspect its cached credentials to reauthenticate

users.

This option is disabled by default.

Token Caching Period If you select EAP-GTC as the inner EAP method, you can specify the timeout

period, in hours, for the cached information. The default value is 24 hours.

CA-Certificate Click the CA-Certificate drop-down list and select a certificate for client

authentication. The CA certificate needs to be loaded in the controller before it

will appear on this list.

Server-Certificate Click the Server-Certificate drop-down list and select a server certificate the

controller will use to authenticate itself to the client.

TLS Guest Access Select TLS Guest Access to enable guest access for EAP-TLS users with valid

certificates. This option is disabled by default.

TLS Guest Role Click the TLS Guest Role drop-down list and select the default user role for EAP-

TLS guest users. This option may require a license.

Ignore EAPOL-START

after authentication

Select Ignore EAPOL-START after authentication to ignore EAPOL-START

messages after authentication. This option is disabled by default.

Handle EAPOL-Logoff Select Handle EAPOL-Logoff to enable handling of EAPOL-LOGOFF messages.

This option is disabled by default.

Ignore EAP ID during

negotiation

Select Ignore EAP ID during negotiation to ignore EAP IDs during negotiation.

This option is disabled by default.

WPA-Fast-Handover Select this option to enable WPA-fast-handover on phones that support this

feature. WAP fast-handover is disabled by default.

Disable rekey and

reauthentication for

clients on call

This feature disables rekey and reauthentication for VoWLAN clients. It is

disabled by default, meaning that rekey and reauthentication is enabled.

NOTE: This option may require a license This option may require a license.

Check certificate

common name

against AAA server

If you use client certificates for user authentication, enable this option to verify

that the certificate's common name exists in the server. This parameter is

enabled by default in the default-cap and default-rap VPN profiles, and disabled

by default on all other VPN profiles.

Table 68: 802.1x Authentication Profile Basic WebUI Parameters

Dell Networking W-Series ArubaOS 6.4.x | User Guide 802.1X Authentication | 334