264 CHAPTER 11: 802.1X CONFIGURATION
By default, the Switch can trigger the user ID authentication over the users who
configure static IP addresses in DHCP environment.
Configuring the
Authentication Method
for 802.1x User
The following commands can be used to configure the authentication method for
802.1x user. Three methods are available: PAP authentication (the RADIUS server
must support PAP authentication), CHAP authentication (the RADIUS server must
support CHAP authentication), EAP relay authentication (the Switch sends
authentication information to the RADIUS server in the form of EAP packets
directly and the RADIUS server must support EAP authentication).
Perform the following configurations in System View.
Table 290 Configuring the Authentication Method for 802.1x User
By default, CHAP authentication is used for 802.1x user authentication.
Setting the Maximum
Times of Authentication
Request Message
Retransmission
The following commands are used for setting the maximum retransmission times
of the authentication request message that the Switch sends to the user.
Perform the following configurations in System View.
Table 291 Setting the Maximum Times of the Authentication Request Message
Retransmission
By default, the max-retry-value is 2. That is, the Switch can retransmit the
authentication request message to a user for a maximum of 2 times.
Configuring Timers The following commands are used for configuring the 802.1x timers.
Perform the following configurations in System View.
Table 292 Configuring Timers
Enable the switch to trigger the
authentication over them
undo dot1x dhcp-launch
Operation Command
Operation Command
Configure authentication method
for 802.1x user
dot1x authentication-method { chap |
pap | eap md5-challenge}
Restore the default authentication
method for 802.1x user
undo dot1x authentication-method
Operation Command
Set the maximum times of the authentication
request message retransmission
dot1x retry
max_retry_value
Restore the default maximum retransmission times undo dot1x retry
Operation Command
Configure timers dot1x timer { { handshake-period
handshake-period-value
| quiet-period
quiet_period_value
| tx-period
tx_period_value
|
supp-timeout
supp_timeout_value
| server-timeout
server_timeout_value
}
To Next Page