HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 80
Setting the maximum number of authentication request attempts, Setting the 802.1X authentication
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 80 highlights
Step 1. Enter system view. 2. Enter Ethernet interface view. 3. Set the maximum number of concurrent 802.1X users on a port. Command system-view interface interface-type interface-number dot1x max-user user-number [ interface interface-list ] Remarks N/A N/A The default maximum number of concurrent 802.1X users on a port is 256. Setting the maximum number of authentication request attempts The network access device retransmits an authentication request if it receives no response to the request it has sent to the client within a period of time (specified by using the dot1x timer tx-period tx-period-value command or the dot1x timer supp-timeout supp-timeout-value command). The network access device stops retransmitting the request if it has made the maximum number of request transmission attempts but still receives no response. To set the maximum number of authentication request attempts: Step 1. Enter system view. 2. Set the maximum number of attempts for sending an authentication request. Command system-view dot1x retry max-retry-value Remarks N/A The default setting is 2. Setting the 802.1X authentication timeout timers The network device uses the following 802.1X authentication timeout timers: • Client timeout timer-Starts when the access device sends an EAP-Request/MD5 Challenge packet to a client. If no response is received when this timer expires, the access device retransmits the request to the client. • Server timeout timer-Starts when the access device sends a RADIUS Access-Request packet to the authentication server. If no response is received when this timer expires, the access device retransmits the request to the server. You can set the client timeout timer to a high value in a low-performance network and adjust the server timeout timer to adapt to the performance of different authentication servers. In most cases, the default settings are sufficient. To set the 802.1X authentication timeout timers: Step 1. Enter system view. 2. Set the client timeout timer. Command system-view dot1x timer supp-timeout supp-timeout-value Remarks N/A The default is 30 seconds. 71