3Com WX2200 3CRWX220095A Switch User Manual


 
Managing 802.1X Client Reauthentication 537
The default number of reauthentication attempts is 2. You can specify
from 1 to 10 attempts. For example, type the following command to set
the number of authentication attempts to 8:
WX1200# set dot1x reauth-max 8
success: dot1x max reauth set to 8.
Type the following command to reset the maximum number of
reauthorization attempts to the default:
WX1200# clear dot1x reauth-max
success: change accepted.
If the number of reauthentications for a wired authentication client is
greater than the maximum number of reauthentications allowed, MSS
sends an EAP failure packet to the client and removes the client from the
network. However, MSS does not remove a wireless client from the
network under these circumstances.
Setting the 802.1X
Reauthentication
Period
The following command configures the number of seconds that the WX
switch waits before attempting reauthentication:
set dot1x reauth-period seconds
The default is 3600 seconds (1 hour). The range is from 60 to
1,641,600 seconds (19 days). This value can be overridden by user
authorization parameters.
MSS reauthenticates dynamic WEP clients based on the reauthentication
timer. MSS also reauthenticates WPA clients if the clients use the WEP-40
or WEP-104 cipher. For each dynamic WEP client or WPA client using a
WEP cipher, the reauthentication timer is set to the lesser of the global
setting or the value returned by the AAA server with the rest of the
authorization attributes for that client.
For example, type the following command to set the number of seconds
to 100 before reauthentication is attempted:
WX1200# set dot1x reauth-period 100
success: dot1x auth-server timeout set to 100.
Type the following command to reset the default timeout period:
WX1200# clear dot1x reauth-period
success: change accepted.