Filter
Top Products
Chapter 18: 802.1x Port-based Network Access
224
Authentication Mode— Select the authentication mode. Choose
from the following:
Unauthorized: Sets the port in the unauthorized state.
Although the port is in the authenticator role, the switch blocks
all authentication on the port. If you set all the ports on the
switch to this setting, then no clients can log on and forward
packets through them.
Force-authorized: Sets port in the force-authorized state. A
port in the force-authorized state transitions to the authorized
state without any authentication exchanges required. The port
transmits and receives traffic normally without 802.1X-based
authentication of the clients.
Auto: Sets the port active in the authenticator role. A port in
this state begins in the unauthorized state, forwarding only
authentication frames, until a client has logged on successfully.
Timeouts
The following fields set the timers for this feature:
Quiet Period— Enter the number of seconds that an authenticator
port remains in the quiet state following a failed authentication
exchange with a client. The range is 0 to 65,535 seconds. The
default value is 60 seconds.
Tx-period— Enter the number of seconds that an authenticator
port waits for a response to an EAP-request/identity frame from a
client before retransmitting the request. The range is 1 to 65,535
seconds. The default value is 30 seconds.
Reauth-period— Enter the time interval that an authenticator port
requires a client to reauthenticate. The range is 1 to 65,535
seconds. The default value is 3,600 seconds.
Supplicant-timeout— Enter the retransmission time for the EAP-
request frame from the authenticator port. The range is 1 to 600
seconds. The default value is 30 seconds.
Server-timeout— Enter the number of seconds the switch waits
for a response from the authentication server. The range is 1 to
600 seconds. The default value is 30 seconds.
Re-authentication— Check the checkbox to activate
reauthentication on the authenticator port. The client periodically
reauthenticates according to the time interval set with the Reauth-
period timer.
Number of Re-auth Requests— Enter the maximum number of
times the switch retransmits EAP Request packets to an client
before it times out an authentication session. The range is 1 to 10
retransmissions. The default value is 2.