ArubaOS 8.6.0.0Help Center
You are here: Home > Managed Devices > Configuring WAN Authentication Survivability

Configuring WAN Authentication Survivability

Enable佤邦NWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.survivability formanaged deviceson your network by navigating to theConfiguration > Authentication>Advancedtab, then selecting the Survivability tab.

The survivability settings on this tab are described inTable 1.

For additional information on佤邦NWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.Authentication Survivability, including authentication workflows and supported client and authentication types see the佤邦N Authentication Survivability Overview.

Table 1:佤邦N Authentication Survivability for aManaged Device

Parameter

Description

Enable Auth-Survivability

This parameter controls whether to use the Survival Server when no other authentication servers in the server group are in-service.

This parameter also controls whether to store the user access credential in the Survival Server when it is authenticated by an externalRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.orLDAPLightweight Directory Access Protocol. LDAP is a communication protocol that provides the ability to access and maintain distributed directory information services over a network.server in the server group. Authentication Survivability is enabled or disabled at eachmanaged device. This parameter is disabled by default.

NOTE:Authentication Survivability will not activate if Authentication Server Dead Time is configured as 0. For more information on configuring Authentication Server Dead Time, seeConfiguring Authentication Timers.

Authentication Server Certificate

This parameter allows you to view the name of the server certificate used by the local Survival Server. The local Survival Server is provided with a default server certificate fromArubaOS. The customer server certificate must be imported into themanaged devicefirst, and then you can assign the server certificate to the local Survival Server.

Cache Lifetime (hrs)

This parameter specifies the lifetime in hours for the cached access credential in the local Survival Server. When the specified cache-lifetime expires, the cached access credential is deleted from themanaged device.

Configured authentication servers are put into the out-of-service state when authentication requests time out. Themanaged devicepicks the next server from the server group when the previous server times out or fails.

When there are no more servers available from the server group, the local Survival Server processes the authentication request. When the client is authenticated with the local Survival Server, the previously stored Key Reply attributes are included in theRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.response.

The Cache Lifetime range is from 1 to 168 hours. The default is 24 hours.

Certificate Type Select the certificate to be used for client authentication.
/*]]>*/
Baidu