Cisco IE-3000-8TC Command Reference - Page 132
dot1x timeout reauth-period, dot1x reauthentication, ratelimit-period, show dot1x, dot1x max-req
View all Cisco IE-3000-8TC manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 132 highlights
dot1x timeout Chapter 2 IE 3000 Switch Cisco IOS Commands Usage Guidelines You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. The dot1x timeout reauth-period interface configuration command affects the behavior of the switch only if you have enabled periodic re-authentication by using the dot1x reauthentication interface configuration command. During the quiet period, the switch does not accept or initiate any authentication requests. If you want to provide a faster response time to the user, enter a number smaller than the default. When the ratelimit-period is set to 0 (the default), the switch does not ignore EAPOL packets from clients that have been successfully authenticated and forwards them to the RADIUS server. Examples This example shows how to enable periodic re-authentication and to set 4000 as the number of seconds between re-authentication attempts: Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period 4000 This example shows how to enable periodic re-authentication and to specify the value of the Session-Timeout RADIUS attribute as the number of seconds between re-authentication attempts: Switch(config-if)# dot1x reauthentication Switch(config-if)# dot1x timeout reauth-period server This example shows how to set 30 seconds as the quiet time on the switch: Switch(config-if)# dot1x timeout quiet-period 30 This example shows how to set 45 seconds as the switch-to-authentication server retransmission time: Switch(config)# dot1x timeout server-timeout 45 This example shows how to set 45 seconds as the switch-to-client retransmission time for the EAP request frame: Switch(config-if)# dot1x timeout supp-timeout 45 This example shows how to set 60 as the number of seconds to wait for a response to an EAP-request/identity frame from the client before re-transmitting the request: Switch(config-if)# dot1x timeout tx-period 60 This example shows how to set 30 as the number of seconds that the switch ignores EAPOL packets from successfully authenticated clients: Switch(config-if)# dot1x timeout ratelimit-period 30 You can verify your settings by entering the show dot1x privileged EXEC command. Related Commands Command dot1x max-req dot1x reauthentication show dot1x Description Sets the maximum number of times that the switch sends an EAP-request/identity frame before restarting the authentication process. Enables periodic re-authentication of the client. Displays IEEE 802.1x status for all ports. 2-106 Cisco IE 3000 Switch Command Reference OL-13019-01