78 | Aruba Configuration Reference AirWave Wireless Management Suite | Configuration Guide
Maximum Number
of Times Held State
Can Be Bypassed
(0-3)
0 Define whether a held state can be bypassed, and the number of times this
is to be allowed.
Dynamic WEP Key
Message Retry
Count (1-3)
1 Define the number of times that failed authentication with a WEP key
should be allowed to retry authentication. The range is from 0 to 3
attempts.
A primary means of cracking WEP keys is to capture 802.11 frames over
an extended period of time and searching for such weak implementations
that are still used by many legacy devices.
Dynamic WEP Key
Size (bits)
128 Specify the maximum size of the WEP key in bits. The options are 40 or
128.
Interval Between
WPA/WPA2 Key
Messages
(10-5000 msec)
1000 Specify the key message interval in milliseconds.
Display Between
EAP-Success and
WPA2 Unicast Key
Exchange
(0-2000 msec)
0 Full field name is Delay between EAP-Success and WPA2 Unicast Key
Exchange.
Define EAP for RADIUS server authentication.
802.1x uses the Extensible Authentication Protocol (EAP) to exchange
messages during the authentication process. The authentication protocols
that operate inside the 802.1x framework that are suitable for wireless
networks include EAP-Transport Layer Security (EAP-TLS), Protected EAP
(PEAP), and EAP-Tunneled TLS (EAP-TTLS). These protocols allow the
network to authenticate the client while also allowing the client to
authenticate the network.
Delay between
WPA/WPA2 Unicast
Key Exchange
(0-2000 msec)
0 Specify the delay between processing these two key times during
authentication.
WPA/WPA2 Key
Message Retry
Count (1-10)
3 Specify the number of times that WPA or WPA2 keys are allowed to retry.
The supported range is from 1 to 10.
Multicast Key
Rotation
No Enable or disable multicast key rotation, and define the related settings on
this page for multicast key rotation time and interval if this field is enabled.
Unicast Key
Rotation
No Enable or disable unicast key rotation, and define the related settings on
this page for unicast key rotation time and interval if t his field is enabled.
Reauthentication No Enable or disable reauthentication. Although reauthentication and rekey
timers are configurable on a per-SSID basis, an 802.1x transaction during
a call can affect voice quality. If a client is on a call, 802.1x reauthentication
and rekey are disabled by default until the call is completed. You disable or
re-enable the “voice aware” feature in the 802.1x authentication profile.
Opportunistic Key
Caching
Yes Enable or disable opportunistic key caching (also configured in the 802.1x
Authentication profile). This supports WPA2 clients.
Validate PMKID No Define whether PMKID authentication should be validated.
Use Session Key No Specify whether a client session should use a security key.
Use Static Key No The IEEE 802.1x authentication standard allows for the use of keys that are
dynamically generated on a per-client basis, or as a static key that is the
same on all devices in the network). Define whether to use a static key with
this setting.
Table 17 Aruba Configuration > Profiles > AAA > 802.1x Auth Profile Settings (Continued)
Field Default Description
To Next Page
Loading...
