Filter
Top Products
8-12
Catalyst 2940 Switch Software Configuration Guide
78-15507-02
Chapter8 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Authentication
Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts. This procedure is optional.
To disable periodic re-authentication, use the no dot1x reauthentication interface configuration
command. To return to the default number of seconds between re-authentication attempts, use the no
dot1x timeout reauth-period global configuration command.
This example shows how to enable periodic re-authentication and set the number of seconds between
re-authentication attempts to 4000:
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period 4000
Manually Re-Authenticating a Client Connected to a Port
You can manually re-authenticate the client connected to a specific port at any time by entering the dot1x
re-authenticate interface interface-id privileged EXEC command. This step is optional. If you want to
enable or disable periodic re-authentication, see the “Enabling Periodic Re-Authentication” section on
page 8-11.
This example shows how to manually re-authenticate the client connected to Fast Ethernet port 0/1:
Switch# dot1x re-authenticate interface fastethernet0/1
Changing the Quiet Period
When the switch cannot authenticate the client, the switch remains idle for a set period of time, and then
tries again. The idle time is determined by the quiet-period value. A failed authentication of the client
might occur because the client provided an invalid password. You can provide a faster response time to
the user by entering a smaller number than the default.
Beginning in privileged EXEC mode, follow these steps to change the quiet period. This procedure is
optional.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Enter interface configuration mode, and specify the interface to be
configured.
Step 3
dot1x reauthentication Enable periodic re-authentication of the client, which is disabled by
default.
Step 4
dot1x timeout reauth-period seconds Set the number of seconds between re-authentication attempts.
The range is 1 to 65535; the default is 3600 seconds.
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Step 5
end Return to privileged EXEC mode.
Step 6
show dot1x interface interface-id Verify your entries.
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.