Configuring Stateful 802.1X Authentication

When configuring 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication for clients on non-Aruba APs, you must specify the group of RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  servers that performs user authentication and assign roles to users who successfully complete authentication. When the user logs off or shuts down the client machine, Mobility Master notes the deauthentication message from the RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  server and changes the user’s role from the specified authenticated role back to the login role. For details on defining a RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  server used for stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication, see Configuring Authentication Servers.

The following procedure describes how to configure the Stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication profile:

  1. In the Managed Network node hierarchy, navigate to the ConfigurationAuthentication page.
  2. Under the L2 Authentication tab, select Navigation > Stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication.
  3. Select the role assigned to stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authenticated users from the Default Role drop-down list.
  4. Specify the Timeout period for authentication requests, between 1 and 20 seconds.

    The default value is 10 seconds.

  5. Select the Mode check box to enable stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.
  6. Click Submit.
  7. Select Pending Changes.
  8. In the Pending Changes window, select the check box and click Deploy changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication. The first set of commands defines the RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  server used for 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication, and the second set assigns that server to a server group. The third set associates the server group with the stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication profile, then sets the authentication role and timeout period.

(host) [md] (config) #aaa authentication-server radius <rad-server-name>

acctport <acctport>

authport <authport>

clone <source>

enable

enable-ipv6

enable-radsec

host <host>

key <key>

nas-identifier <nas-identifier>

nas-ip <nas-ip>

retransmit <retransmit>

timeout <timeout>

use-ip-for-calling-station

use-md5

(host) [md] (config) #aaa server-group <sg_name>

allow-fail-through

auth-server <name> [match-authstring {contains <sub_string>|equals <sub_string>|starts-with <sub_string>][match-fqdn {all|<fqdn>}][position <prio>][trim-fqdn]

clone <source>

load-balance

set {role|vlan} condition <attribute> [contains <operand>|ends-with <operand>|equals <operand>|not-equals <operand>|starts-with <operand>][value-of][set-value <set-value-str>][position <number>]

(host) [md] (config) #aaa authentication stateful-dot1x

default-role <default-role>

enable

server-group <srv-group>

timeout <timeout>

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands display the servers and profiles configured for stateful 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication:

(host) [md] #show aaa authentication-server radius

(host) [md] #show aaa server-group

(host) [md] #show aaa authentication stateful-dot1x