Chapter 32: 802.1x Port-based Access Control Commands
486
disabled Specifies that
reauthentication by the
client is not required after
the initial authentication.
Reauthentication is only
required if there is a change
to the status of the link
between the supplicant and
the switch or the switch is
reset or power cycled.
txperiod Sets the number of seconds that the switch waits for a
response to an EAP-request/identity frame from the
client before retransmitting the request. The default
value is 30 seconds. The range is 1 to 65,535 seconds.
reauthperiod Enables periodic reauthentication of the client, which
is disabled by default. The default value is 3600
seconds. The range is 1 to 65,535 seconds.
supptimeout Sets the switch-to-client retransmission time for the
EAP-request frame. The default value for this
parameter is 30 seconds. The range is 1 to 600
seconds.
servertimeout Sets the timer used by the switch to determine
servtimeout authentication server timeout conditions. The default
value is 30 seconds. The range is 1 to 65,535 seconds.
The parameters are equivalent.
maxreq Specifies the maximum number of times that the
switch retransmits an EAP Request packet to the client
before it times out the authentication session. The
range is 1 to 10 retransmissions and the default is 2.
ctrldirboth Specifies how the port is to handle ingress and egress
broadcast and multicast packets when in the
unauthorized state. When a port is set to the
Authenticator role, it remains in the unauthorized
state until the client logs on by providing a username
and password combination. In the unauthorized state,
the port will only accept EAP packets from the client.
All other ingress packets that the port might receive
from the client, including multicast and broadcast
traffic, is discarded until the supplicant has logged on.