9-13
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
OL-10101-02
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
IEEE 802.1x Authentication Configuration Guidelines
These section has configuration guidelines for these features:
IEEE 802.1x Authentication, page 9-14
VLAN Assignment, Guest VLAN, and Restricted VLAN, page 9-14
Tab l e 9-2 Default IEEE 802.1x Authentication Configuration
Feature Default Setting
Switch IEEE 802.1x enable state Disabled.
Per-interface IEEE 802.1x enable state Disabled (force-authorized).
The port sends and receives normal traffic without IEEE
802.1x-based authentication of the client.
AAA Disabled.
RADIUS server
IP address
UDP authentication port
Key
None specified.
1812.
None specified.
Host mode Single-host mode.
Control direction Bidirectional control.
Periodic re-authentication Disabled.
Number of seconds between
re-authentication attempts
3600 seconds.
Quiet period 60 seconds (number of seconds that the switch remains in
the quiet state following a failed authentication exchange
with the client).
Retransmission time 30 seconds (number of seconds that the switch should
wait for a response to an EAP request/identity frame
from the client before resending the request).
Maximum retransmission number 2 times (number of times that the switch will send an
EAP-request/identity frame before restarting the
authentication process).
Client timeout period 30 seconds (when relaying a request from the
authentication server to the client, the amount of time the
switch waits for a response before resending the request
to the client.
Authentication server timeout period 30 seconds (when relaying a response from the client to
the authentication server, the amount of time the switch
waits for a reply before resending the response to the
server. This setting is not configurable.)
Guest VLAN None specified.
Restricted VLAN None specified.