Configuring the Switch
3-463
Configuring 802.1X Global SettingsThe dot1x protocol includes global parameters that control the client authentication
process that runs between the client and the switch (i.e., authenticator), as well as
the client identity lookup process that runs between the switch and authentication
server. The configuration options for parameters are described in this section.
Command Attributes
•802.1X Re-authentication – Sets the client to be re-authenticated after the interval
specified by the Timeout for Re-authentication Period. Re-authentication can be
used to detect if a new device is plugged into a switch port. (Default: Disabled)
•802.1X Max Request Count – Sets the maximum number of times the switch port
will retransmit an EAP request packet to the client before it times out the
authentication session. (Range: 1-10; Default 2)
•Timeout For Quiet Period – Sets the time that a switch port waits after the dot1X
Max Request Count has been exceeded before attempting to acquire a new client.
(Range: 1-65535 seconds; Default: 60 seconds)
•Timeout For Re-authentication Period – Sets the time period after which a
connected client must be re-authenticated. (Range: 1-65535 seconds;
Default: 3600 seconds)
•Timeout For Tx Period – Sets the time period during an authentication session
that the switch waits before re-transmitting an EAP packet. (Range: 1-65535;
Default: 30 seconds)
•authentication dot1x default* – Sets the default authentication server type. Note
that the specified authentication server type must be enabled and properly
configured for dot1x to function properly. (Options:radius).
* CLI only.
802.1X is enabled on port 1/24
Status Authorized
Operation mode Single-Host
Max count 5
Port-control Auto
Supplicant 00-00-e8-49-5e-dc
Current Identifier 3
Authenticator State Machine
State Authenticated
Reauth Count 0
Backend State Machine
State Idle
Request Count 0
Identifier(Server) 2
Reauthentication State Machine
State Initialize
Console#