aaa authentication dot1x "corp-1x" machine-authentication enable machine-authentication machine-default-role "x-comp" machine-authentication user-default-role "x-user" reauthentication aaa profile "corp-AAA" initial-role "x-init" authentication-dot1x "corp-1x" dot1x-default-role "x-auth" dot1x-server-group "RADIUS_servers" enforce-dhcp (WLC) # show aaa authentication dot1x corp-1x 802.1X Authentication Profile "corp-1x" --------------------------------------- Parameter Value --------- ----- Max authentication failures 0 Enforce Machine Authentication Enabled Machine Authentication: Default Machine Role x-comp Machine Authentication Cache Timeout 24 hr(s) Blacklist on Machine Authentication Failure Disabled Machine Authentication: Default User Role x-user Interval between Identity Requests 5 sec Quiet Period after Failed Authentication 30 sec Reauthentication Interval 86400 sec Use Server provided Reauthentication Interval Disabled Use the termination-action attribute from the Server Disabled Multicast Key Rotation Time Interval 1800 sec Unicast Key Rotation Time Interval 900 sec Authentication Server Retry Interval 5 sec Authentication Server Retry Count 3 Framed MTU 1100 bytes Max number of requests sent during an Auth attempt 5 Max Number of Reauthentication Attempts 3 Maximum number of times Held State can be bypassed 0 Dynamic WEP Key Message Retry Count 1 Dynamic WEP Key Size 128 bits Interval between WPA/WPA2 Key Messages 1000 msec Delay between EAP-Success and WPA2 Unicast Key Exchange 0 msec Delay between WPA/WPA2 Unicast Key and Group Key Exchange 0 msec Time interval after which the PMKSA will be deleted 8 hr(s) Delete Keycache upon user deletion Disabled WPA/WPA2 Key Message Retry Count 3 Multicast Key Rotation Disabled Unicast Key Rotation Disabled Reauthentication Enabled Opportunistic Key Caching Enabled Validate PMKID Enabled Use Session Key Disabled Use Static Key Disabled xSec MTU 1300 bytes Termination Disabled Termination EAP-Type N/A Termination Inner EAP-Type N/A Token Caching Disabled Token Caching Period 24 hr(s) CA-Certificate N/A Server-Certificate N/A TLS Guest Access Disabled TLS Guest Role guest Ignore EAPOL-START after authentication Disabled Handle EAPOL-Logoff Disabled Ignore EAP ID during negotiation. Disabled WPA-Fast-Handover Disabled Disable rekey and reauthentication for clients on call Disabled Check certificate common name against AAA server Enabled (WLC) # show aaa profile corp-AAA AAA Profile "corp-AAA" ---------------------- Parameter Value --------- ----- Initial role x-init MAC Authentication Profile N/A MAC Authentication Default Role guest MAC Authentication Server Group default 802.1X Authentication Profile corp-1x 802.1X Authentication Default Role x-auth 802.1X Authentication Server Group RADIUS_servers Download Role from CPPM Disabled Set username from dhcp option 12 Disabled L2 Authentication Fail Through Disabled Multiple Server Accounting Disabled User idle timeout N/A Max IPv4 for wireless user 2 RADIUS Accounting Server Group N/A RADIUS Interim Accounting Disabled XML API server N/A RFC 3576 server N/A User derivation rules N/A Wired to Wireless Roaming Enabled SIP authentication role N/A Device Type Classification Enabled Enforce DHCP Enabled PAN Firewall Integration Disabled Open SSID radius accounting Disabled