Default SettingFeature
60 seconds (number of seconds that the switch remains in the quiet
state following a failed authentication exchange with the client).
Quiet period
30 seconds (number of seconds that the switch should wait for a
response to an EAP request/identity frame from the client before
resending the request).
Retransmission time
2 times (number of times that the switch will send an
EAP-request/identity frame before restarting the authentication
process).
Maximum retransmission number
30 seconds (when relaying a request from the authentication server
to the client, the amount of time the switch waits for a response
before resending the request to the client.)
Client timeout period
30 seconds (when relaying a response from the client to the
authentication server, the amount of time the switch waits for a
reply before resending the response to the server.)
You can change this timeout period by using the dot1x timeout
server-timeout interface configuration command.
Authentication server timeout period
Disabled.Inactivity timeout
None specified.Guest VLAN
Disabled.Inaccessible authentication bypass
None specified.Restricted VLAN
None specified.Authenticator (switch) mode
Disabled.MAC authentication bypass
Disabled.Voice-aware security
802.1x Authentication Configuration Guidelines
802.1x Authentication
These are the 802.1x authentication configuration guidelines:
•
When 802.1x authentication is enabled, ports are authenticated before any other Layer 2 or Layer 3
features are enabled.
•
If the VLAN to which an 802.1x-enabled port is assigned changes, this change is transparent and does
not affect the switch. For example, this change occurs if a port is assigned to a RADIUS server-assigned
VLAN and is then assigned to a different VLAN after re-authentication.
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1353
How to Configure 802.1x Port-Based Authentication
To Next Page
Loading...
Need help?
General
