29-26
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
Chapter29 Understanding and Configuring 802.1X Port-Based Authentication
How to Configure 802.1X
To return to the default quiet-period, use the no dot1x timeout quiet-period configuration command.
This example shows how to set the quiet-period on the switch to 30 seconds:
Switch(config)# dot1x timeout quiet-period 30
Changing the Switch-to-Client Retransmission Time
The client responds to the EAP-request/identity frame from the switch with an EAP-response/identity
frame. If the switch does not receive this response, it waits a set period of time (known as the
retransmission time) and then retransmits the frame.
Note You should change the default value of this command only to adjust for unusual circumstances, such as
unreliable links or specific behavioral problems with certain clients and authentication servers.
To change the amount of time that the switch waits for client notification, perform this task:
To return to the default retransmission time, use the no dot1x timeout tx-period interface configuration
command.
This example shows how to set the retransmission time to 60 seconds:
Switch(config)# dot1x timeout tx-period 60
Step3 Switch(config)# dot1x timeout
quiet-period
seconds
Sets the number of seconds that the switch remains in the quiet-period
following a failed authentication exchange with the client.
The range is 0 to 65,535 seconds; the default is 60.
Step4 Switch(config)# end Returns to privileged EXEC mode.
Step5 Switch# show dot1x all Verifies your entries.
Step6 Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command Purpose
Command Purpose
Step1 Switch# configure terminal Enters global configuration mode.
Step2 Switch(config)# interface
interface-id
Enters interface configuration mode and specifies the interface to be
enabled for timeout tx-period.
Step3 Switch(config-if)# dot1x timeout
tx-period
seconds
Sets the number of seconds that the switch waits for a respon se to an
EAP-request/identity frame from the client before retransmitting the
request.
The range is 1 to 65,535 seconds; the default is 30.
Step4 Switch(config)# end Returns to privileged EXEC mode.
Step5 Switch# show dot1x all Verifies your entries.
Step6 Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.