Security

last person joined: 12 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Missing Enforce Machine Authentication option

This thread has been viewed 0 times

  • 1.  Missing Enforce Machine Authentication option

    Posted Mar 08, 2012 02:02 PM

    I am setting up a new 3200XM controller and I do not have the "Enforce Machine Authentication" option in my 802.1x configuration.  We have an older Aruba controller (the model we currently have slips my mind) that does have this option.  Is this something that is not included in the base license?  if it's not which license do I need to get this option?


    #3200


  • 2.  RE: Missing Enforce Machine Authentication option

    Posted Mar 08, 2012 02:30 PM

    You would need a PEF-NG licence. 

     

    dot1x profile, before PEF, 

    =====================

     

    #show aaa authentication dot1x default

    802.1X Authentication Profile "default"
    ---------------------------------------
    Parameter Value
    --------- -----
    Max authentication failures 0
    Interval between Identity Requests 30 sec
    Quiet Period after Failed Authentication 30 sec
    Reauthentication Interval 86400 sec

    same after PEF 

    =============

     

    #show aaa authentication dot1x default

    802.1X Authentication Profile "default"
    ---------------------------------------
    Parameter Value
    --------- -----
    Max authentication failures 0
    Enforce Machine Authentication Disabled
    Machine Authentication: Default Machine Role guest
    Machine Authentication Cache Timeout 24 hr(s)
    Blacklist on Machine Authentication Failure Disabled