Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 205H Access Points

100

Table Of Contents

99| aaa profile Dell Networking W-Series ArubaOS 6.5.x| Reference Guide

Parameter Description Default

user-derivation-rules <profile>

User attribute profile from which the user

role or VLAN is derived.

—

user-idle-timeout

The user idle timeout for this profile. Specify

the idle timeout value for the client in

seconds. Valid range is 30-15300 in

multiples of 30 seconds. A value of 0

deletes the user immediately after

disassociation from the wireless network.

Enabling this option overrides the global

settings configured in the AAA timers. If this

is disabled, the global settings are used.

disabled

username-from-dhcp-opt12

Use user name from DHCPoption 12 for

non-802.1x authentication.

disabled

wired-to-wireless-roam

Keeps user authenticated when roaming

from the wired side of the network.

enabled

xml-api-server <ip-addr>

IP address of a configured XML API server.

See aaa xml-api on page 126.

NOTE: This parameter requires the PEFNG

license.

—

Usage Guidelines

The AAA profile defines the user role for unauthenticated users, the default user role for MAC or 802.1X

authentication, and user derivation rules. The AAA profile contains the authentication profile and

authentication server group.

There are predefined AAA profiles available, default-dot1x, default-mac-auth, and default-open. These profiles

have the parameter values shown in the following table.

Parameter default-dot1x

default-

mac-auth

default-

open

authentication-dot1x

default N/A N/A

authentication-mac

N/A default N/A

dot1x-default-role

authenticated guest guest

dot1x-server-group

N/A N/A N/A

initial-role

logon logon logon

mac-default-role

guest authenticate

guest