Filter
Top Products
Configuration Menu 137
802.1X Global configuration
Command: /cfg/l2/8021x/global
[802.1X Global Configuration Menu]
mode - Set access control mode
qtperiod - Set EAP-Request/Identity quiet time interval
txperiod - Set EAP-Request/Identity retransmission timeout
suptmout - Set EAP-Request retransmission timeout
svrtmout - Set server authentication request timeout
maxreq - Set max number of EAP-Request retransmissions
raperiod - Set reauthentication time interval
reauth - Set reauthentication status to on or off
default - Restore default 802.1X configuration
cur - Display current 802.1X configuration
The global 802.1X menu allows you to configure parameters that affect all ports in the switch (except
management port 17). The following table describes the 802.1X Global Configuration Menu options.
Table 106
802.1X Global Configuration Menu options
Command Description
mode force-
unauth|auto|force-
auth
Sets the type of access control for all ports:
• force-unauth - the port is unauthorized unconditionally.
• auto - the port is unauthorized until it is successfully authorized by the
RADIUS server.
• force-auth - the port is authorized unconditionally, allowing all traffic.
The default value is force-auth.
qtperiod <0-65535>
Sets the time, in seconds, the authenticator waits before transmitting an EAP-
Request/ Identity frame to the supplicant (client) after an authentication failure in
the previous round of authentication. The default value is 60 seconds.
txperiod <1-65535>
Sets the time, in seconds, the authenticator waits for an EAP-Response/Identity
frame from the supplicant (client) before retransmitting an EAP-Request/Identity
frame. The default value is 30 seconds.
suptmout <1-65535>
Sets the time, in seconds, the authenticator waits for an EAP-Response packet
from the supplicant (client) before retransmitting the EAP-Request packet from the
authentication server. The default value is 30 seconds.
svrtmout <1-65535>
Sets the time, in seconds, the authenticator waits for a response from the Radius
server before declaring an authentication timeout. The default value is 30
seconds.
The time interval between transmissions of the RADIUS Access-Request packet
containing the supplicant’s (client’s) EAP-Response packet is determined by the
current setting of /cfg/sys/radius/timeout (default is 3 seconds).
maxreq <1-10>
Sets the maximum number of times the authenticator retransmits an EAP-Request
packet to the supplicant (client). The default value is 2.
raperiod <1-604800>
Sets the time, in seconds, the authenticator waits before re-authenticating a
supplicant (client) when periodic re-authentication is enabled. The default value
is 3600 seconds.
reauth on|off
Sets the re-authentication status to on or off. The default value is off.
default
Resets the global 802.1X parameters to their default values.
cur
Displays current global 802.1X parameters.