Filter
Top Products
Configuring 802.1x 397
Network diagram
Figure 105 Network diagram for 802.1x PEAP configuration
Configuration procedure
The following configurations assume that PEAP is selected on 802.1x clients and the
RADIUS server to authenticate 802.1x supplicant systems.
Configure the switch.
1 Enter system view.
<S5500> system-view
2 Enable 802.1x globally.
[S5500] dot1x
3 Enable 802.1x for Ethernet1/0/1 port.
[S5500] dot1x interface ethernet 1/0/1
4 Configure to use 802.1x PEAP to authenticate supplicant systems.
[S5500] dot1x authentication-method eap
5 Enter Ethernet1/0/1 port view.
[S5500] interface ethernet 1/0/1
6 Configure the port to operate in MAC address-based authentication mode. (By
default, a port operates in MAC address-based authentication mode.)
[S5500] dot1x port-method macbased
Setting the Maximum
Times of Authentication
Request Message
Retransmission
The following commands are used for setting the maximum retransmission times of
the authentication request message that the Switch sends to the user.
Perform the following configurations in System View.
Table 420 Setting the Maximum Times of the Authentication Request Message
Retransmission
By default, the max-retry-value is 3. That is, the Switch can retransmit the
authentication request message to a user for a maximum of 3 times.
Supplicant system
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Authenticator
Sw itc h
InternetInternet
E1/0/1
Internet
Inter net
Supplicant system
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Authenticator
Sw itc h
Supplicant system
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Authenticator
Sw itc h
InternetInternetInternet
E1/0/1
Internet
E1/0/1
Internet
Inter net
Operation Command
Set the maximum times of the authentication
request message retransmission
dot1x retry max_retry_value
Restore the default maximum retransmission times undo dot1x retry