set dot1x auth-config

set dot1x auth-config

Use this command to configure 802.1X authentication.

Syntax

set dot1x auth-config {[authcontrolled-portcontrol {auto forced-auth forced-unauth}] [maxreq value] [quietperiod value] [reauthenabled {false true}] [reauthperiod value] [servertimeout timeout] [supptimeout timeout] [txperiod value]} [port-string]

Parameters

authcontrolled‐

Specifies the 802.1X port control mode.

portcontrol

auto – Set port control mode to auto controlled port control. This

auto forced‐auth

is the default value.

forced‐unauth

forced‐auth – Set port control mode to ForcedAuthorized

 

 

controlled port control.

 

forced‐unauth – Set port control mode to ForcedUnauthorized

 

controlled port control.

 

 

maxreq value

Specifies the maximum number of authentication requests allowed

 

by the backend authentication state machine. Valid values are 1 10.

 

Default value is 2.

 

 

quietperiod value

Specifies the time (in seconds) following a failed authentication

 

before another attempt can be made by the authenticator PAE state

 

machine. Valid values are 0 – 65535. Default value is 60 seconds.

 

 

reauthenabled false

Enables (true) or disables (false) reauthentication control of the

true

reauthentication timer state machine. Default value is false.

 

 

reauthperiod value

Specifies the time lapse (in seconds) between attempts by the

 

reauthentication timer state machine to reauthenticate a port. Valid

 

values are 0 – 65535. Default value is 3600 seconds.

 

 

servertimeout timeout

Specifies a timeout period (in seconds) for the authentication server,

 

used by the backend authentication state machine. Valid values are 1

 

– 300. Default value is 30 seconds.

 

 

supptimeout timeout

Specifies a timeout period (in seconds) for the authentication

 

supplicant used by the backend authentication state machine. Valid

 

values are 1 – 300. Default value is 30 seconds.

 

 

txperiod value

Specifies the period (in seconds) which passes between authenticator

 

PAE state machine EAP transmissions. Valid values are 0 – 65535.

 

Default value is 30 seconds.

 

 

port‐string

(Optional) Limits the configuration of desired settings to specified

 

port(s). For a detailed description of possible port‐string values, refer

 

to Port String Syntax Used in the CLI” on page 7‐1.

 

 

Defaults

If port‐string is not specified, authentication parameters will be set on all ports.

Mode

Switch command, read‐write.

SecureStack C3 Configuration Guide 26-19

Page 765
Image 765
Enterasys Networks 9034313-07 manual Set dot1x auth-config