Filter
Top Products
Parameter Description
Dynamic WEP Key Size The default dynamic WEP key size is 128 bits, If desired, you can change this parameter to
either 40 bits.
Interval between
WPA/WPA2 Key Messages
Interval, in milliseconds, between each WPA key exchanges. The allowed range of values is
1000-5000 ms, and the default value is 3000 ms.
Delay between EAP-
Success and WPA2 Unicast
Key Exchange
Interval, in milliseconds, between EAP-Success and unicast key exchanges. The allowed
range of values is 0-2000 ms, and the default value is 0 ms (no delay).
Delay between WPA/WPA2
Unicast Key and Group Key
Exchange
Interval, in milliseconds, between unicast and multicast key exchange. Time interval in
milliseconds. Range: 0-2000. Default: 0 (no delay)
Time interval after which
the PMKSA will be deleted
The time interval after which the PMKSA (Pairwise Master Key Security Association) cache is
deleted. Time interval in Hours. Range: 1-2000. Default: 8.
WPA/WPA2 Key Message
Retry Count
Number of times WPA/WPA2 key messages are retried. The allowed range of values for this
parameter is 1-5 retries, and the default value is 3 retries.
Multicast Key Rotation Select this checkbox to enable multicast key rotation. This feature is disabled by default.
Unicast Key Rotation Select this checkbox to enable unicast key rotation. This feature is disabled by default.
Opportunistic Key Caching By default, the 802.1X authentication profile enables a cached pairwise master key (PMK)
derived via a client and an associated AP and used when the client roams to a new AP. This
allows clients faster roaming without a full 802.1x authentication. Uncheck this option to
disable this feature.
NOTE: Make sure that the wireless client (the 802.1X supplicant) supports this feature. If the
client does not support this feature, the client will attempt to renegotiate the key whenever it
roams to a new AP. As a result, the key cached on the controller can be out of sync with the
key used by the client.
Validate PMKID This parameter instructs the controller to check the pairwise master key (PMK) ID sent by the
client. When this option is enabled, the client must send a PMKID in the associate or
reassociate frame to indicate that it supports OKC or PMK caching; otherwise, full 802.1x
authentication takes place.
NOTE: This feature is optional, since most clients that support OKC and PMK caching do not
send the PMKID in their association request.
Use Session Key Select the Use Session Key option to use the RADIUS session key as the unicast WEP key.
This option is disabled by default.
Use Static Key Select the Use Static Key option to use a static key as the unicast/multicast WEP key. This
option is disabled by default.
xSec MTU Set the maximum transmission unit (MTU) for frames using the xSec protocol. The range of
allowed values is 1024-1500 bytes, and 1300 bytes
Token Caching If you select EAP-GTC as the inner EAP method, you can select the Token Caching checkbox
to enable the controller to cache the username and password of each authenticated user. The
controller continues to reauthenticate users with the remote authentication server, however,
if the authentication server is not available, the controller will inspect its cached credentials
to reauthenticate users.
This option is disabled by default.
Token Caching Period If you select EAP-GTC as the inner EAP method, you can specify the timeout period, in hours,
DellPowerConnectW-SeriesArubaOS6.2 | User Guide 802.1XAuthentication | 198