3Com WX2200 3CRWX220095A Switch User Manual


 
536 CHAPTER 23: MANAGING 802.1X ON THE WX SWITCH
Supplicant timeout (configured by the set dot1x timeout supplicant
command)
RADIUS session-timeout attribute
If both of these timeouts are set, MSS uses the shorter of the two. If the
RADIUS session-timeout attribute is not set, MSS uses the timeout
specified by the set dot1x timeout supplicant command, by default 30
seconds.
Managing 802.1X
Client
Reauthentication
Reauthentication of 802.1X wireless supplicants (clients) is enabled on
the WX switch by default. By default, the WX switch waits 3600 seconds
(1 hour) between authentication attempts. You can disable
reauthentication or change the defaults.
You also can use the RADIUS session-timeout attribute to set the
reauthentication timeout for a specific client. In this case, MSS uses the
timeout that has the lower value. If the session-timeout is set to fewer
seconds than the global reauthentication timeout, MSS uses the
session-timeout for the client. However, if the global reauthentication
timeout is shorter than the session-timeout, MSS uses the global timeout
instead.
Enabling and
Disabling 802.1X
Reauthentication
The following command enables or disables the reauthentication of
supplicants (clients) by the WX switch:
set dot1x reauth {enable | disable}
Reauthentication is enabled by default.
Type the following command to reenable reauthentication of clients:
WX1200# set dot1x reauth enable
success: dot1x reauthentication enabled.
Setting the Maximum
Number of 802.1X
Reauthentication
Attempts
The following command sets the number of reauthentication attempts
that the WX switch makes before the supplicant (client) becomes
unauthorized:
set dot1x reauth-max number-of-attempts