PAE Details

Navigation

Device > Configure > PAE > PAE Details

The following information appears:

Guest VLAN Id (cpaeGuestVlanId)

Shutdown Timeout (cpaeShutdownTimeout)

Radius Accounting (cpaeRadiusAccountingEnabled)

Reauthentication Timeout (cpaeMacAuthBypassReAuthTimeout)

Reauthentication (cpaeMacAuthBypassReAuthEnabled)

Bypass Violation (cpaeMacAuthBypassViolation)

Authentication Shutdown Timeout (cpaeMacAuthBypassShutdownTimeout)

Authentication Fail Timeout (cpaeMacAuthBypassAuthFailTimeout)

Web Proxy Authentication (cpaeWebAuthEnabled)

Authentication Session Period (cpaeWebAuthSessionPeriod)

Login Page (cpaeWebAuthLoginPage)

Failed Login Page (cpaeWebAuthLoginFailedPage)

Quiet Period (cpaeWebAuthQuietPeriod)

Max Retries (cpaeWebAuthMaxRetries)

Test Limits (cpaePortEapolTestLimits)

MAB Critical Recovery (cpaeMabCriticalRecoveryDelay)

Auth Critical Recovery (cpaeWebAuthCriticalRecoveryDelay)

Critical Recovery Delay (cpaeCriticalRecoveryDelay)


Guest VLAN Id (cpaeGuestVlanId)

Specifies the ID of the system's guest VLAN.

Note the following:

An interface with a cpaePortMode value of singleHost is moved to the guest VLAN if the supplicant on the interface is not IEEE-802.1x capable.

A value of zero indicates that no guest VLAN is configured in the system.

If the platform supports a per-port guest VLAN ID configuration, this object is not instantiated.


Shutdown Timeout (cpaeShutdownTimeout)

Specifies the shutdown timeout interval to enable the interface automatically in case it is shutdown due to security violation.

Note the following:

If the value of this object is zero, then the interfaces shut down due to a security violation will not be enabled automatically.

The value of this object is applicable to the interface only when the value of cpaeShutdownTimeoutEnabled is true and the port security feature is disabled on the interface.


Radius Accounting (cpaeRadiusAccountingEnabled)

Indicates whether RADIUS accounting is enabled for this device.


Reauthentication Timeout (cpaeMacAuthBypassReAuthTimeout)

Amount of time that must elapse before reauthentication is triggered on all authenticated MAC Auth-bypass ports.


Reauthentication (cpaeMacAuthBypassReAuthEnabled)

Reauthentication control setting for all MAC Auth-bypass ports.

When this object is set to true, every authenticated MAC Auth-Bypass port reauthenticates the device connecting to that port after the time interval specified by cpaeMacAuthBypassReAuthTimeout elapses.

When this object is set to false, global MAC Auth-Bypass reauthentication is disabled.


Bypass Violation (cpaeMacAuthBypassViolation)

Specifies the action taken upon the receipt of a security violation event.

There are two possible values:

restrict(1): Packets from the MAC address of the device causing the security violation are dropped.

shutdown(2): The port responsible for the security violation is shutdown.


Authentication Shutdown Timeout (cpaeMacAuthBypassShutdownTimeout)

Amount of time that must elapse before a port is auto-enabled after being shutdown due to a MAC Auth-bypass security violation.


Authentication Fail Timeout (cpaeMacAuthBypassAuthFailTimeout)

Amount of time an unauthenticated MAC Auth-bypass port waits before retrying the authentication process.


Web Proxy Authentication (cpaeWebAuthEnabled)

Indicates whether web proxy authentication is enabled in the system.


Authentication Session Period (cpaeWebAuthSessionPeriod)

Web proxy authentication session period configured for the system.

The session period is the amount of time that must elapse before a web proxy authenticated session is terminated.


Login Page (cpaeWebAuthLoginPage)

URL of the customized login page for web proxy authentication.

A customized login page must provide the same input fields provided by the default login page for users to input credentials.

Note: If this object contains a zero-length string, the default login page is used.


Failed Login Page (cpaeWebAuthLoginFailedPage)

URL of the customized login-failed page for web proxy authentication.
 
The login-failed page is sent to a client any time an authentication failure occurs. This page must provide the same input fields provided by the default login page for users to input credentials, as well as authentication failure information.

Note: If this object contains a zero-length string, the default login-failed page is used.


Quiet Period (cpaeWebAuthQuietPeriod)

Amount of time a web proxy authentication state machine is held in the blackListed state after the maximum number of authentication attempts have been made.


Max Retries (cpaeWebAuthMaxRetries)

Maximum number of unsuccessful login attempts a user is allowed to make.


Test Limits (cpaePortEapolTestLimits)

The maximum number of entries allowed in cpaePortEapolTestTable.


MAB Critical Recovery (cpaeMabCriticalRecoveryDelay)

Specifies the critical recovery delay time for MAC Authentication Bypass (MAB) in the system. A value of zero indicates that critical recovery delay for MAB is disabled.


Auth Critical Recovery (cpaeWebAuthCriticalRecoveryDelay)

Specifies the critical recovery delay time for Web Proxy Authentication in the system. A value of zero indicates that critical recovery delay for Web Proxy Authentication is disabled.


Critical Recovery Delay (cpaeCriticalRecoveryDelay)

Specifies the critical recovery delay time for 802.1x in the system. A value of zero indicates that critical recovery delay for 802.1x is disabled.