Release Notes
Parameter Description Range Default
heldstate-bypass-counter <number>
(This parameter is applicable
when 802.1X authentication is
terminated on the controller,
also known as AAA
FastConnect.) Number of
consecutive authentication
failures which, when reached,
causes the controller to not
respond to authentication
requests from a client while the
controller is in a held state
after the authentication failure.
Until this number is reached,
the controller responds to
authentication requests from
the client even while the
controller is in its held state.
0-3 0
ignore-eap-id-
match
Ignore EAP ID during
negotiation.
— disabled
ignore-eapol
start-afterauthentication
Ignores EAPOL-START
messages after authentication.
— disabled
machine-authentication
(For Windows environments
only) These parameters set
machine authentication:
NOTE: This parameter requires
the PEFNG license.
blacklist-on-failure
Blacklists the client if machine
authentication fails.
— disabled
cache-timeout <hours>
The timeout, in hours, for
machine authentication.
1-1000 24 hours
(1 day)
enable
Select this option to enforce
machine authentication before
user authentication. If selected,
either the machine-default-role
or the user-default-role is
assigned to the user,
depending on which
authentication is successful.
— disabled
machine-default-role <role>
Default role assigned to the
user after completing only
machine authentication.
— guest
user-default-role <role>
Default role assigned to the
user after 802.1X
authentication.
— guest
Dell Networking W-Series ArubaOS 6.4.x | Reference Guide aaa authentication dot1x | 29