Dell 6.2 Server User Manual

Open as PDF

of 869

274 | VirtualPrivateNetworks DellPowerConnectW-SeriesArubaOS6.2 | User Guide

VPN Client RAP psk RAP certs CAP

External AAA server 1 External AAA server 1 Not supported CPSEC-whitelist

External AAA server 1 External AAA server 2 Not supported CPSEC-whitelist

LocalDB LocalDB LocalDB-AP CPSEC-whitelist

LocalDB External AAA server 1 Not supported CPSEC-whitelist

Working with Certificate Groups

The certificate group feature allows you to access multiple types of certificates on the same controller. To create a

certificate group, use the following command:

(host) (config) #crypto-local isakmp certificate-group server-certificate server_certificate

ca-certificate ca_certificate

You can view existing certificate groups using:

show crypto-local isakmp certificate-group

Working with VPN Authentication Profiles

VPN Authentication profiles identify a user role for authenticated VPN clients, an authentication server, and the

server group to which the authentication server belongs. There are three predefined VPN authentication profiles:

default, default-rap and default-cap. These different profiles allow you to use different authentication servers, user

roles and IP pools for VPN, remote AP and campus AP clients.

NOTE: The default and default-rap profiles are configurable, but the default-cap profile cannot be edited.

Parameter default default-rap default-cap

Default Role for authenticated users default-vpn-role default-vpn-role sys-ap-role

Maximum allowed authentication failures

(The number of contiguous authentication

failures before the station is blacklisted.)

0 (feature is disabled) 0 (feature is disabled) 0 (feature is disabled)

Check certificate common name against

AAA server

disabled enabled enabled

Authentication server group internal

Table 77:

Predefined Authentication Profile settings

To edit the default VPN authentication profile:

1. Navigate to the Configuration > Security > Authentication > L3 Authentication page.

2. In the Profiles list in the left window pane, select the default VPN Authentication Profile.

3. Click the Default Roledrop-down list and select the default user role for authenticated VPN users. (For detailed

information on creating and managing user roles and policies, see "Roles and Policies" on page 296.)

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Dell 6.2 Server User Manual