Reference Guide

ManualsBrandsDell ManualsTVs & monitorsW-620

Parameter Description Range Default

machine-default-role <role>

Default role assigned to the user after completing

only machine authentication.

— guest

user-default-role <role>

Default role assigned to the user after 802.1X

authentication.

— guest

max-authentication-failures

Number of times a user can try to login with wrong

credentials after which the user is blacklisted as a

security threat. Set to 0 to disable blacklisting,

otherwise enter a non-zero integer to blacklist the

user after the specified number of failures.

0-5 0

(disabled)

max-requests <number>

Maximum number of times ID requests are sent to

the client.

1-10 3

multicast-key

rotation

Enables multicast key rotation — disabled

Negates any configured parameter. — —

opp-key-caching

Enables a cached pairwise master key (PMK)

derived with a client and an associated AP to be

used when the client roams to a new AP. This

allows clients faster roaming without a full 802.1X

authentication.

NOTE: Make sure that the wireless client (the 802.1X

supplicant) supports this feature. If the client does

not support this feature, the client will attempt to

renegotiate the key whenever it roams to a new AP.

As a result, the key cached on the controller can be

out of sync with the key used by the client.

— enabled

reauth-max <number>

Maximum number of reauthentication attempts. 1-10 3

reauthentication

Select this option to force the client to do a 802.1X

reauthentication after the expiration of the default

timer for reauthentication. (The default value of the

timer is 24 hours.) If the user fails to reauthenticate

with valid credentials, the state of the user is

cleared.

If derivation rules are used to classify 802.1X-

authenticated users, then the reauthentication timer

per role overrides this setting.

— disabled

reload-cert

Reload Certificate for 802.1X termination. This

command is available in enable mode only.

— —

server

Sets options for sending authentication requests to

the authentication server group.

server-retry <number>

Maximum number of authentication requests that

are sent to server group.

0-3 2

server-retry-period <seconds>

Server group retry interval, in seconds. 5-65535 30

seconds

server-cert <certificate>

Server certificate used by the controller to

authenticate itself to the client.

— —

Dell PowerConnect W-Series ArubaOS 6.2 | Reference Guide aaa authentication dot1x | 21