Open as PDF
538 CHAPTER 23: MANAGING 802.1X ON THE WX SWITCH
Setting the Bonded
The following command changes the Bonded Auth™ (bonded
authentication) period, which is the number of seconds MSS retains
session information for an authenticated machine while waiting for the
802.1X client on the machine to start (re)authentication for the user.
Normally, the Bonded Auth period needs to be set only if the network has
Bonded Auth clients that use dynamic WEP, or use WEP-40 or WEP-104
encryption with WPA or RSN. These clients can be affected by the 802.1X
reauthentication parameter or the RADIUS Session-Timeout parameter.
To set the Bonded Auth period, use the following command:
set dot1x bonded-period seconds
The Bonded Auth period applies only to 802.1X authentication rules that
contain the bonded option.
To reset the Bonded Auth period to its default value, use the following
clear dot1x max-req
(For more information about Bonded Auth, see “Binding User
Authentication to Machine Authentication” on page 451.)
By default, the WX switch waits 60 seconds before responding to a client
whose authentication failed, and times out a request to a RADIUS server
or an authentication session with a client after 30 seconds. You can
modify these defaults.
Setting the 802.1X
The following command configures the number of seconds a WX switch
remains quiet and does not respond to a supplicant (client) after a failed
set dot1x quiet-period seconds
The default is 60 seconds. The acceptable range is from 0 to
For example, type the following command to set the quiet period to
WX1200# set dot1x quiet-period 300
success: dot1x quiet period set to 300.