Command of the Day

Reply
Aruba Employee
Posts: 34
Registered: ‎03-29-2007

COTD: dot1x framed-mtu

Did you know about this command?
(Greig) (config) #dot1x framed-mtu
<500-1500> Value of Framed-MTU attribute
If you've deployed an Aruba switch remote from your RADIUS server, then chances are that you are using some sort of tunnel back to your centralised authentication. If you do NOT use AAA Fast-connect, then with 802.1x, your switch may well be sending large packets over your tunnel as the client sets up it's TLS tunnel to the RADIUS server. If the MTU of the connection to the RADIUS server is lower than the packet size coming from your client, then these request packets will be dropped somewhere in your tunnel, the switch will not receive any response and hence take your RADIUS server out of service. In this can, you can use the above command to make sure that your RADIUS requests are chopped small enough to pass through your tunnel and reach the RADIUS server.