Concept Guide
Parameter Description Default
enable-fips
Enable the VIA(Federal
Information Processing
Standard) FIPS module so
VIA checks for FIPS com-
pliance during startup.
Disabled
enable-supplicant
If enabled, VIA starts in
bSec mode using L2 suite-b
cryptography. This option is
disabled by default.
Disabled
ext-download-url <ext-download-url>
End users will use this
URL to download VIA on
their computers.
—
ike-policy <ike-policy>
List of IKE policies that the
VIA Client has to use to
connect to the controller.
—
ikev2-policy
List of IKE V2 policies that
the VIA Client has to use
to connect to the
controller
—
ikev2-proto
Enable this to use IKEv2
protocol to establish VIA
sessions.
Disabled
ikev2auth
Use this option to set the
IKEv2 authentication
method. By default user
certificate is used for
authentication. The other
supported methods are
EAP-MSCHAPv2, EAP-TLS.
The EAP authentication is
done on an external
RADIUS server.
User
Certificates
ipsec-cryptomap
List of IPsec crypto maps
that the VIA client uses to
connect to the controller.
These IPsec Crypto Maps
are configured in the CLI
using the crypto-local
ipsec-map <ipsec-
map-name> command.
—
map <map>
—
number <number>
—
ipsecv2-cryptomap
List of IPSec V2 crypto
maps that the VIA client
uses to connect to the
controller.
—
lockdown-all-settings
Allows you to lockdown all Disabled.
Dell Networking W-Series ArubaOS 6.5.x | Reference Guide aaa authentication via connection-profile | 63