Set the port to be a controlled port (enable interface
authentication). You can use the no option of the
command to disable the authentication of the
interface.
You can use the no dot1x port-control command to disable the authentication of the
interface. The following example sets Ethernet interface 1/1 to be a controlled interface:
DGS-3610# configure terminal
DGS-3610(config)# interface f 1/1
DGS-3610(config-if)# dot1x port-control auto
DGS-3610(config)# end
When a port is set as a controlled port, only the EAP packets are allowed to pass; the
packets to the CPU are also under control.
37.2.6 Enabling Timing Re-authentication
The 802.1X can ask users for re-authentication periodically, to prevent pretending of
authorized users. This can also detect disconnection, making more accurate charging. In
addition to the re-authentication switch, you can also define the re-authentication interval,
which is 3600 seconds by default. In the case of charging based on duration, you should
determine the re-authentication interval according to the specific network size, which should
be sufficient and accurate.
In the privileged mode, you can enable/disable re-authentication and set the
re-authentication interval through the following steps.
You can use the no dot1x re-authentication command to disable timing re-authentication,
and use the no dot1x timeout re-authperiod command to restore the re-authentication
interval to the default.
To Next Page
Loading...
Need help?
General