HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 107
dot1x unicast-trigger
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 107 highlights
• Periodic re-authentication timer (reauth-period)-Sets the interval at which the network device periodically re-authenticates online 802.1X users. To enable periodic online user re-authentication on a port, use the dot1x re-authenticate command. The change to the periodic re-authentication timer applies to the users that have been online only after the old timer expires. • Server timeout timer (server-timeout)-Starts when the access device sends a RADIUS Access-Request packet to the authentication server. If no response is received when this timer expires, the access device retransmits the request to the server. • Client timeout timer (supp-timeout)-Starts when the access device sends an EAP-Request/MD5 Challenge packet to a client. If no response is received when this timer expires, the access device retransmits the request to the client. • Username request timeout timer (tx-period)-Starts when the device sends an EAP-Request/Identity packet to a client in response to an authentication request. If the device receives no response before this timer expires, it retransmits the request. The timer also sets the interval at which the network device sends multicast EAP-Request/Identity packets to detect clients that cannot actively request authentication. Examples # Set the server timeout timer to 150 seconds. system-view [Sysname] dot1x timer server-timeout 150 Related commands display dot1x dot1x unicast-trigger Use dot1x unicast-trigger to enable the 802.1X unicast trigger function. Use undo dot1x unicast-trigger to disable the function. Syntax dot1x unicast-trigger undo dot1x unicast-trigger Default The unicast trigger function is disabled. Views Ethernet interface view Predefined user roles network-admin Usage guidelines The unicast trigger function enables the network access device to initiate 802.1X authentication when it receives a data frame from an unknown source MAC address. The device sends a unicast Identity EAP/Request packet to the unknown source MAC address, and retransmits the packet if it has received no response within a period of time (set with the dot1x timer tx-period command). This process continues until the maximum number of request attempts (set with the dot1x retry command) is reached. 98