424Configuring AAA for Network Users

for bonded authentication of all users at mycorp.com (*.mycorp.com). Both rules use pass-through as the protocol, and use RADIUS server group radgrp1.

23x0# set authentication dot1x ssid mycorp host/*-laptop.mycorp.com pass-through radgrp1

success: change accepted.

23x0# set authentication dot1x ssid mycorp *.mycorp.com bonded pass-through radgrp1

success: change accepted.

The following command sets the Bonded Authentication period to 60 seconds, to allow time for WEP users to reauthenticate:

23x0# set dot1x bonded-period 60

success: change accepted.

Displaying Bonded Authentication Configuration Information

To display Bonded Authentication configuration information, use the following command:

show dot1x config

In the following example, bob.mycorp.com uses Bonded Authentication, and the Bonded Authentication period is set to 60 seconds.

23x0# show dot1x config

802.1X user policy

----------------------

'host/bob-laptop.mycorp.com' on ssid 'mycorp' doing PASSTHRU

'bob.mycorp.com'

on ssid 'mycorp' doing PASSTHRU (bonded)

802.1X parameter

 

setting

----------------

 

-------

supplicant timeout

30

auth-server timeout

30

quiet period

 

60

transmit period

 

5

reauthentication

period

3600

maximum requests

 

2

key transmission

 

enabled

reauthentication

 

enabled

authentication control

enabled

WEP rekey period

 

1800

WEP rekey

 

enabled

Bonded period

 

60

320657-A

Page 424
Image 424
Nortel Networks 2300 manual Displaying Bonded Authentication Configuration Information, 23x0# set dot1x bonded-period