The following example enables re-authentication and sets the re-authentication interval to
1000 seconds.
DGS-3610# configure terminal
DGS-3610(config)# dot1x re-authentication
DGS-3610(config)# dot1x timeout re-authperiod 1000
DGS-3610(config)# end
DGS-3610# show dot1x
802.1X Status: Disabled
Authentication Mode: EAP-MD5
Authed User Number: 0
Re-authen Enabled: Enabled
Re-authen Period: 1000 sec
Quiet Timer Period: 10 sec
Tx Timer Period: 3 sec
Supplicant Timeout: 3 sec
Server Timeout: 5 sec
Re-authen Max: 3 times
Maximum Request: 3 times
Client Oline Probe: Disabled
Eapol Tag Enable: Disabled
Authorization Mode: Disabled
If re-authentication is enabled, please pay attention to the reasonableness of the
re-authentication interval, which must be set according to the specific network size.
37.2.7 Changing the QUIET Time
When user authentication fails, the device does not allow that user to re-authenticate until a
specified period passes, which is referred to as Quiet Period. This value functions to protect
the device from malicious attacks. The default value of Quiet Period is set to 5 seconds.
A shorter Quiet Period may speed up re-authentication for users.
In the privileged mode, you can set the Quiet Period through the following steps:
You can use the no dot1x timeout quiet-period command to restore the Quiet Period to its
default.In the example below the QuietPeriod value is set to 500 seconds:
DGS-3610# configure terminal
DGS-3610(config)# dot1x timeout quiet-period 500
DGS-3610(config)# end
To Next Page
Loading...
