194 CHAPTER 11: 802.1X CONFIGURATION
Configuring the
Authentication Method
for 802.1X User
The following commands can be used to configure the authentication method for
802.1X user. Three methods are available: PAP authentication (the RADIUS server
must support PAP authentication), CHAP authentication (the RADIUS server must
support CHAP authentication), EAP relay authentication (the Switch sends
authentication information to the RADIUS server in the form of EAP packets
directly and the RADIUS server must support EAP authentication). You can use EAP
authentication in one of the four sub-methods: PEAP, EAP-TLS, EAP-TTLS and
EAP-MD5.
Perform the following configurations in System View.
Table 195 Configuring the Authentication Method for 802.1X User
By default, CHAP authentication is used for 802.1X user authentication.
Setting the Maximum
Times of Authentication
Request Message
Retransmission
The following commands are used for setting the maximum retransmission times
of the authentication request message that the Switch sends to the user.
Perform the following configurations in System View.
Table 196 Setting the Maximum Times of the Authentication Request Message
Retransmission
By default, the max-retry-value is 3. That is, the Switch can retransmit the
authentication request message to a user for a maximum of 3 times.
Configuring Timers The following commands are used for configuring the 802.1X timers.
Perform the following configurations in System View.
Table 197 Configuring Timers
handshake-period: This timer begins after the user has passed the
authentication. After setting handshake-period, system will send the handshake
packet by the period. Suppose the dot1x retry time is configured as N, the system
Operation Command
Configure authentication method
for 802.1X user
dot1x authentication-method { chap |
pap | eap }
Restore the default authentication
method for 802.1X user
undo dot1x authentication-method
Operation Command
Set the maximum times of the authentication
request message retransmission
dot1x retry max_retry_value
Restore the default maximum retransmission times undo dot1x retry
Operation Command
Configure timers dot1x timer { { handshake-period
handshake-period-value | quiet-period
quiet_period_value | tx-period tx_period_value |
supp-timeout supp_timeout_value | server-timeout
server_timeout_value }
Restore default
settings of the timers
undo dot1x timer { handshake-period | quiet-period
| tx-period | supp-timeout | server-timeout }
To Next Page
Loading...
Need help?
General