1-13
Figure 1-10 802.1x re-authentication
PC
Internet
PC PC
RADIUS
Server
Switch
802.1x re-authentication can be enabled in one of the following two ways:
z The RADIUS server has the switch perform 802.1x re-authentication of users. The
RADIUS server sends the switch an Access-Accept packet with the Termination-Action
attribute field of 1. Upon receiving the packet, the switch re-authenticates the user
periodically.
z You enable 802.1x re-authentication on the switch. With 802.1x re-authentication
enabled, the switch re-authenticates users periodically.
802.1x re-authentication will fail if a CAMS server is used and configured to perform
authentication but not accounting. This is because a CAMS server establishes a user
session after it begins to perform accounting. Therefore, to enable 802.1x
re-authentication, do not configure the accounting none command in the domain. This
restriction does not apply to other types of servers.
Introduction to 802.1x Configuration
802.1x provides a solution for authenticating users. To implement this solution, you need to
execute 802.1x-related commands. You also need to configure AAA schemes on switches
and specify the authentication scheme (RADIUS or local authentication scheme).
To Next Page
Loading...
