Dell PowerConnect W-Airwave Configuration Manual page 76
W-airwave 7.1 configuration guide
Hide thumbs
Also See for PowerConnect W-Airwave:
- User manual (334 pages) ,
- Configuration manual (176 pages) ,
- Manual (50 pages)
Table of Contents
Advertisement
Table 17 Aruba Configuration > Profiles > AAA > 802.1x Auth Profile Settings
Field
General Settings
Folder
Name
Other Settings
Max Authentication
Failures
Enforce Machine
Authentication
Machine
Authentication:
Default Machine
Role
Machine
Authentication
Cache Timeout
(1-1000 hrs)
Blacklist on
Machine
Authentication
Failure
76
| Aruba Configuration Reference
Default
Description
Top
Use this field to set and display the folder with which the profile is
associated. The drop-down menu displays all folders available for
association with the profile.
Folders provide a way to organize the visibility of device parameters that is
separate from the configuration groups of devices. Using folders, you can
view basic statistics about device, and define which users have visibility to
which device parameters.
Blank
Enter the name of the profile.
0
Number of times a user can try to login with wrong credentials after which
the user will be blacklisted as a security threat.
Set to 0 to disable blacklisting, otherwise enter a non-zero integer to
blacklist the user after the specified number of failures.
This setting requires a wireless intrusion protection license.
No
(For Windows environments only) Select this option to enforce machine
authentication before user authentication. If selected, either the Machine
Authentication Default Role or the User Authentication Default Role is
assigned to the user, depending on which authentication is successful.
This setting requires a policy enforcement firewall license.
ap-role
Select the default role to be assigned to the user after completing machine
authentication.
24
When a Windows device boots, it logs onto the network domain using a
machine account. Within the domain, the device is authenticated before
computer group policies and software settings can be executed; this
process is known as machine authentication. Machine authentication
ensures that only authorized devices are allowed on the network.
You can configure 802.1x for both user and machine authentication (select
the Enforce Machine Authentication option described in Table 51 on page
272). This tightens the authentication process further since both the device
and user need to be authenticated.
Role Assignment with Machine Authentication Enabled
When you enable machine authentication, there are two additional roles
you can define in the 802.1x authentication profile:
Machine authentication default machine role
Machine authentication default user role
While you can select the same role for both options, you should define the
roles as per the polices that need to be enforced. Also, these roles can be
different from the 802.1x authentication default role configured in the AAA
profile.
With machine authentication enabled, the assigned role depends upon the
success or failure of the machine and user authentications. In certain
cases, the role that is ultimately assigned to a client can also depend upon
attributes returned by the authentication server or server derivation rules
configured on the controller.
This setting requires a policy enforcement firewall license.
No
Define whether the user is blacklisted upon authentication failure.
This setting requires a policy enforcement firewall license.
AirWave Wireless Management Suite | Configuration Guide
Advertisement
Table of Contents
