Cisco Systems 2940 Manually Re-Authenticating a Client Connected to a Port, Changing the Quiet Period

8-12

Catalyst 2940 Switch Software Configuration Guide

78-15507-02

Chapter8 Configuring 802.1X Port-Based Authentication

Configuring 802.1X Authentication

Beginning in privileged EXEC mode, follow these steps to enable periodic re-aut hentication of th e client

and to configure the number of seconds between re-authentication attempts. This proc ed ure is opt iona l.

To disable periodic re-authentication, use the no dot1x reauthentication interface configuration

command. To return to the default number of seconds between re-authentication attempts, use the no

dot1x timeout reauth-period global configuration command.

This example shows how to enable periodic re-authentication and set the number of seconds between

re-authentication attempts to 4000:

Switch(config-if)# dot1x reauthentication

Switch(config-if)# dot1x timeout reauth-period 4000

Manually Re-Authenticating a Client Connected to a Port

You can manually re-authenticate the client connected to a specific por t at any time by entering the dot1x

re-authenticate interface interface-id privileged EXEC command. This step is optional. If you want to

enable or disable periodic re-authentication, see the “Enabling Periodic Re-A uth entic atio n” sect ion on

page 8-11.

This example shows how to manually re-authenticate the client connect ed t o Fast E ther ne t po rt 0 / 1:

Switch# dot1x re-authenticate interface fastethernet0/1

Changing the Quiet Period

When the switch cannot authenticate the client, the switch remains idle for a set period of time, and then

tries again. The idle time is determined by the quiet-period value. A failed authentication of the client

might occur because the client provided an invalid password. You can provide a faster response time to

the user by entering a smaller number than the default.

Beginning in privileged EXEC mode, follow these steps to change the quiet per iod. T his pro cedur e is

optional.

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 interface interface-id Enter interface configuration mode, and specify the interface to be

configured.

Step3 dot1x reauthentication Enable periodic re-authentication of the client, whi ch i s disa bled by

default.

Step4 dot1x timeout reauth-period seconds Set the number of seconds between re-authentication attempts.

The range is 1 to 65535; the default is 3600 seconds.

This command affects the behavior of the switch only if periodic

re-authentication is enabled.

Step5 end Return to privileged EXEC mode.

Step6 show dot1x interface interface-id Verify your entries.

Step7 copy running-config startup-config (Optional) Save your entries in the configuration file.