9-30
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Configuring Periodic Re-Authentication
You can enable periodic IEEE 802.1x client re-authentication and specify how often it occurs. If you do
not specify a time period before enabling re-authentication, the nu mber of seconds between attempts is
3600.
Beginning in privileged EXEC mode, follow these steps to enable periodic re-aut hentication of th e client
and to configure the number of seconds between re-authentication attempts. This proc ed ure is opt iona l.
To disable periodic re-authentication, use the no dot1x reauthentication interface configuration
command. To return to the default number of seconds between re-authentication attempts, use the no
dot1x timeout reauth-period interface configuration command.
This example shows how to enable periodic re-authentication and set the number of seconds between
re-authentication attempts to 4000:
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period 4000
Manually Re-Authenticating a Client Connected to a Port
You can manually re-authenticate the client connected to a specific por t at any time by entering the dot1x
re-authenticate interface interface-id privileged EXEC command. This step is optional. If you want to
enable or disable periodic re-authentication, see the “Configuring Periodic Re-Authentic ation ” section
on page 9-30.
This example shows how to manually re-authenticate the client conne cte d to a p ort:
Switch# dot1x re-authenticate interface gigabitethernet2/0/1
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.
Step3 dot1x reauthentication Enable periodic re-authentication of the client, whi ch i s disa bled by
default.
Step4 dot1x timeout reauth-period {seconds |
server}Set the number of seconds between re-authentication attempts.
The keywords have these meanings:
seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.
server—Sets the number of seconds based on the value of the
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Step5 end Return to privileged EXEC mode.
Step6 show dot1x interface interface-id Verify your entries.
Step7 copy running-config startup-config (Optional) Save your entries in the configuration file.