Release Notes
28 | aaa authentication dot1x Dell Networking W-Series ArubaOS 6.4.x| Reference Guide
Parameter Description Range Default
clear
Clear the Cached PMK, Role
and VLAN entries. This
command is available in enable
mode only.
— —
countermeasures
Scans for message integrity
code (MIC) failures in traffic
received from clients. If there
are more than 2 MIC failures
within 60 seconds, the AP is
shut down for 60 seconds. This
option is intended to slow down
an attacker who is making a
large number of forgery
attempts in a short time.
— disabled
ca-cert <certificate>
CA certificate for client
authentication. The CA
certificate needs to be loaded
in the controller.
— —
cert-cn-lookup
If you use client certificates for
user authentication, enable this
option to verify that the
certificate's common name
exists in the server. This
parameter is disabled by
default.
— —
delete-keycache
Delete the key cache entry
when the user entry is deleted.
— disabled
eapol-logoff
Enables handling of EAPOL-
LOGOFF messages.
— disabled
enforce-suite-b-128
Configure Suite-B 128 bit or
more security level
authentication enforcement
disabled
enforce-suite-b-192
Configure Suite-B 192 bit or
more security level
authentication enforcement
disabled
framed-mtu <MTU>
Sets the framed MTU attribute
sent to the authentication
server.
500-1500 1100