Release Notes
30 | aaa authentication dot1x Dell Networking W-Series ArubaOS 6.4.x| Reference Guide
Parameter Description Range Default
max-authentication-failures <number>
Number of times a user can try
to login with wrong credentials
after which the user is
blacklisted as a security threat.
Set to 0 to disable blacklisting,
otherwise enter a non-zero
integer to blacklist the user
after the specified number of
failures.
0-5 0
(disabled)
max-requests <number>
Maximum number of times ID
requests are sent to the client.
1-10 5
multicast-key
rotation
Enables multicast key rotation — disabled
no
Negates any configured
parameter.
— —
opp-key-caching
Enables a cached pairwise
master key (PMK) derived with
a client and an associated AP to
be used when the client roams
to a new AP. This allows clients
faster roaming without a full
802.1X authentication.
NOTE: Make sure that the
wireless client (the 802.1X
supplicant) supports this
feature. If the client does not
support this feature, the client
will attempt to renegotiate the
key whenever it roams to a new
AP. As a result, the key cached
on the controller can be out of
sync with the key used by the
client.
— enabled
reauth-max <number>
Maximum number of
reauthentication attempts.
1-10 3
reauth-server-termination-action
Specifies the termination-action
attribute from the server.
reauthentication
Select this option to force the
client to do a 802.1X
reauthentication after the
expiration of the default timer
for reauthentication. (The
default value of the timer is 24
hours.) If the user fails to
reauthenticate with valid
credentials, the state of the
user is cleared.
If derivation rules are used to
classify 802.1X-authenticated
users, then the
reauthentication timer per role
overrides this setting.
— disabled