Security

Reply
Occasional Contributor I
Posts: 7
Registered: ‎10-15-2010

Missing Enforce Machine Authentication option

I am setting up a new 3200XM controller and I do not have the "Enforce Machine Authentication" option in my 802.1x configuration.  We have an older Aruba controller (the model we currently have slips my mind) that does have this option.  Is this something that is not included in the base license?  if it's not which license do I need to get this option?

Aruba Employee
Posts: 148
Registered: ‎11-25-2009

Re: Missing Enforce Machine Authentication option

You would need a PEF-NG licence. 

 

dot1x profile, before PEF, 

=====================

 

#show aaa authentication dot1x default

802.1X Authentication Profile "default"
---------------------------------------
Parameter Value
--------- -----
Max authentication failures 0
Interval between Identity Requests 30 sec
Quiet Period after Failed Authentication 30 sec
Reauthentication Interval 86400 sec

same after PEF 

=============

 

#show aaa authentication dot1x default

802.1X Authentication Profile "default"
---------------------------------------
Parameter Value
--------- -----
Max authentication failures 0
Enforce Machine Authentication Disabled
Machine Authentication: Default Machine Role guest
Machine Authentication Cache Timeout 24 hr(s)
Blacklist on Machine Authentication Failure Disabled

Vinod Kumaar AVM ACMX, ACDX
Principal Network Engineer
Customer Advocacy | Aruba Networks Inc.

Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: